Hacker News
by ikeboy 1831 days ago
There's a timelock where any such changes are delayed by 12 hours. So if they were to submit a transaction that people didn't like, they could exit - this significantly reduces the expected value of trying to steal funds since most of it will vanish. But it's useful to be able to tweak some parameters in case of bugs such as this.

12 hours is not a lot of time.

And what does it mean that they could exit, when the contract itself was completely broken in the meanwhile?

It's enough time for most people to exit during normal circumstances. Sometimes longer periods are used. Definitely better than nothing.

In this case people wouldn't have been able to exit due to the bug, correct.

> It's enough time for most people to exit during normal circumstances.

Most people don't monitor the finer details of their investments 24/7.

12 hours is better than nothing, but it's unrealistic to expect everyone to stay tapped into news feeds about their crypto at minimum twice a day.

Yeah, 12 hours means you can't even count on watching during business hours; you need to constantly be checking evenings and weekends too.

The main benefit is reducing the incentive for the developers to steal. If you know 90%+ of the funds will disappear before you can do anything then it's much less attractive (where the alternative is making money by fees over time if the protocol is successful).

The risk needs to be balanced with the risk of funds lost because of a smart contract bug that can't be fixed. Different projects make different choices here.

I think an unscrupulous developer would find 10% of $275mn to be a pretty big incentive. Sure it’s relatively less, but still a very large number.

Typically projects like this start with "training wheels" like this at launch, and gradually increase the timelock delay and/or move the control over to a DAO to control.

People doing esoteric DeFi are tapped in much more often than that. I'd agree in a broad general use case it's not enough time, but for DeFi as it is today, it's plenty.

But we're not watching contract changes. We're relying on that from second- and third-hand sources that might not be available in a 12-hour window.