Skip to content

Timelock

The timelock is a cornerstone of security in Morpho Vaults. It is a mandatory waiting period for sensitive administrative actions, designed to protect depositors by ensuring transparency and providing a window to react to proposed changes. This mechanism is fundamental to the non-custodial nature of the vaults.

The Timelock Process

A timelock enforces a simple but powerful workflow for critical changes:

  1. Submit: An administrator (the Curator in V2, or Owner/Curator in V1) proposes a change by submitting it to the vault contract.
  2. Wait: The proposal becomes pending and enters a waiting period. The duration of this period is defined by the timelock. During this time, the change cannot be executed, and anyone can review it onchain.
  3. Execute: Once the timelock duration has passed, anyone can call the function to execute the proposed change, making it final.

This delay is crucial, as it prevents malicious or erroneous changes from taking effect instantly, giving users and safety roles (Sentinel/Guardian) time to intervene or withdraw their funds.

Timelocks in Morpho Vaults V2: Granular and Flexible Security

Vaults V2 upgrade the timelock concept significantly by introducing per-function timelocks. This allows for a more nuanced and sophisticated approach to security.

How It Works: Timelocks per Selector

Instead of a single, global timelock for the entire vault, a V2 Curator can assign a different timelock duration to each sensitive action, identified by its function selector.

This flexibility allows for risk-based security policies. For example, a Curator might configure their vault with:

  • A 7-day timelock for high-risk actions like enabling a new, untested adapter.
  • A 1-day timelock for routine, lower-risk actions like appointing a new Allocator.
  • A 0-second timelock for actions they deem completely safe (though this is less common for production vaults).

Timelock Management in V2

The Curator has a specific set of tools to manage these timelocks, each with its own security logic:

  • Increasing Timelocks (increaseTimelock): A Curator can increase the duration of any timelock instantly. Because making a safety delay longer is always a security-enhancing action, it does not require a waiting period.

  • Decreasing Timelocks (decreaseTimelock): This action is highly sensitive and is itself subject to a long, 2-week timelock. This prevents a malicious actor from instantly reducing all safety delays to zero.

  • Abdicating Actions (abdicateSubmit): A Curator can choose to permanently and irreversibly disable their ability to submit a certain type of change by setting its timelock to infinity. This is a powerful "trust-hardening" feature. For example, a vault could abdicate the ability to ever set a Gate, guaranteeing to its users that it will remain permissionless forever.

Timelocks in Morpho Vaults V1

In contrast, Morpho Vaults V1 use a global timelock system. A single timelock duration applies to all protected actions within the vault, such as increasing a market's supply cap or setting the Guardian.

Key Characteristics of V1 Timelocks

  • Flexible Initial Setup: The timelock can be set to zero at deployment. This is a major convenience that allows vault administrators to perform the initial configuration and market setup instantly without waiting periods.
  • Post-Setup Security: After the initial setup, any change to the timelock must set its duration to be between 1 day and 2 weeks.
  • Asymmetric Updates:
    • Increasing the timelock takes effect immediately.
    • Decreasing the timelock is itself a timelocked action, requiring a wait equal to the current (longer) timelock duration.

This V1 model provides robust security while allowing for practical initial vault deployment.

Viewing Timelock Settings

You can check the current timelock value(s) for any Morpho Vault by visiting the "Read Contract" section on a blockchain explorer and querying the timelock function.

  • In V2, this function takes a function selector as an argument.
  • In V1, it returns the single, global timelock duration in seconds.

Comparison: Vaults V2 vs. Vaults V1

FeatureMorpho Vaults V2Morpho Vaults V1 (MetaMorpho)
Timelock StructurePer-function timelocks (granular control)Global timelock (single duration for all actions)
Timelock AssignmentDifferent durations per function selectorOne duration applies to all protected actions
Increasing TimelocksInstant (security-enhancing)Instant (takes effect immediately)
Decreasing Timelocks2-week timelock (highly protected)Subject to current timelock duration
Initial SetupStandard timelock rules applyCan be set to zero at deployment
Permitted RangeFlexible (can be set to infinity via abdication)1 day to 2 weeks (after initial setup)
Abdication FeatureYes (can permanently disable actions)No