nodeset-org · teddy-nodeset · Jun 28, 2024 · Jun 21, 2024 · Jun 24, 2024 · Jun 28, 2024
diff --git a/contracts/Directory.sol b/contracts/Directory.sol
@@ -229,7 +229,9 @@ contract Directory is UUPSUpgradeable, AccessControlUpgradeable {
 
         AccessControlUpgradeable.__AccessControl_init();
         _setRoleAdmin(Constants.ADMIN_SERVER_ROLE, Constants.ADMIN_ROLE);
-        _setRoleAdmin(Constants.TIMELOCK_24_HOUR, Constants.ADMIN_ROLE);
+        _setRoleAdmin(Constants.TIMELOCK_SHORT, Constants.ADMIN_ROLE);
+        _setRoleAdmin(Constants.TIMELOCK_MED, Constants.ADMIN_ROLE);
+        _setRoleAdmin(Constants.TIMELOCK_LONG, Constants.ADMIN_ROLE);
 
         _setRoleAdmin(Constants.CORE_PROTOCOL_ROLE, Constants.ADMIN_ROLE);
 
@@ -343,7 +345,7 @@ contract Directory is UUPSUpgradeable, AccessControlUpgradeable {
     /// @param newProtocol A Protocol struct containing updated addresses of protocol contracts.
     /// @dev This function allows an administrator to update all protocol contract addresses simultaneously.
     function setAll(Protocol memory newProtocol) public {
-        require(hasRole(Constants.TIMELOCK_24_HOUR, msg.sender), Constants.ADMIN_ONLY_ERROR);
+        require(hasRole(Constants.TIMELOCK_SHORT, msg.sender), Constants.ADMIN_ONLY_ERROR);
         _protocol = newProtocol;
     }
 

diff --git a/contracts/FundRouter.sol b/contracts/FundRouter.sol
@@ -91,7 +91,7 @@ contract FundRouter is UpgradeableBase {
         );
     }
 
-    function sendEthToDistributors() public nonReentrant {
+    function sendEthToDistributors() public onlyProtocolOrAdmin nonReentrant {
         console.log('sendEthToDistributors.A');
         // Convert entire WETH balance of this contract to ETH
         IWETH WETH = IWETH(_directory.getWETHAddress());
@@ -140,7 +140,7 @@ contract FundRouter is UpgradeableBase {
         console.log('sendEthToDistributors.I');
     }
 
-    function sendRplToDistributors() public nonReentrant {
+    function sendRplToDistributors() public onlyProtocolOrAdmin nonReentrant {
         console.log('sendRplToDistributors.A');
 
         // Initialize the RPLVault and the Operator Distributor addresses

diff --git a/contracts/Operator/SuperNodeAccount.sol b/contracts/Operator/SuperNodeAccount.sol
@@ -256,7 +256,7 @@ contract SuperNodeAccount is UpgradeableBase, Errors {
         }
     }
 */
-    function _authorizeUpgrade(address _implementationAddress) internal view override only24HourTimelock {}
+    function _authorizeUpgrade(address _implementationAddress) internal view override {}
 
     /**
      * @dev Restricting this function to admin is the only way we can technologically enforce
@@ -332,7 +332,7 @@ contract SuperNodeAccount is UpgradeableBase, Errors {
      * @dev Only callable by the contract owner or authorized admin.
      * @param _newLockThreshold The new lock threshold value in wei.
      */
-    function setLockAmount(uint256 _newLockThreshold) external onlyAdmin {
+    function setLockAmount(uint256 _newLockThreshold) external onlyShortTimelock {
         if (!_directory.hasRole(Constants.ADMIN_ROLE, msg.sender)) {
             revert BadRole(Constants.ADMIN_ROLE, msg.sender);
         }
@@ -344,7 +344,7 @@ contract SuperNodeAccount is UpgradeableBase, Errors {
      * @dev Only callable by the contract owner or authorized admin.
      * @param _newLockUpTime The new lock-up time in seconds.
      */
-    function setLockUpTime(uint256 _newLockUpTime) external onlyAdmin {
+    function setLockUpTime(uint256 _newLockUpTime) external onlyShortTimelock {
         if (!_directory.hasRole(Constants.ADMIN_ROLE, msg.sender)) {
             revert BadRole(Constants.ADMIN_ROLE, msg.sender);
         }

diff --git a/contracts/Operator/YieldDistributor.sol b/contracts/Operator/YieldDistributor.sol
@@ -219,7 +219,7 @@ contract YieldDistributor is UpgradeableBase {
      * @notice Updates the maximum duration for each rewards interval.
      * @param _maxIntervalLengthSeconds The new maximum duration (in seconds) for each interval.
      * @dev This function allows the admin to adjust the length of time between rewards intervals. Adjustments may be necessary based on changing network conditions or governance decisions.
-     */ function setMaxIntervalTime(uint256 _maxIntervalLengthSeconds) public onlyAdmin {
+     */ function setMaxIntervalTime(uint256 _maxIntervalLengthSeconds) public onlyShortTimelock {
         maxIntervalLengthSeconds = _maxIntervalLengthSeconds;
     }
 
@@ -228,7 +228,7 @@ contract YieldDistributor is UpgradeableBase {
      * @param treasury The address of the treasury to which the dust will be sent.
      * @dev This function can only be called by the contract's admin. It allows for the collection of small residual ETH balances (dust) that may have accumulated due to rounding errors or other minor discrepancies.
      */
-    function adminSweep(address treasury) public onlyAdmin {
+    function adminSweep(address treasury) public onlyMediumTimelock {
         uint256 amount = dustAccrued;
         dustAccrued = 0;
         (bool success, ) = treasury.call{value: amount}('');
@@ -241,7 +241,7 @@ contract YieldDistributor is UpgradeableBase {
      * @param _maxValidators The maximum number of validators to be considered in the reward calculation.
      * @dev This function can only be called by the contract's admin. Adjusting these parameters can change the reward distribution dynamics for validators.
      */
-    function setRewardIncentiveModel(uint256 _k, uint256 _maxValidators) public onlyAdmin {
+    function setRewardIncentiveModel(uint256 _k, uint256 _maxValidators) public onlyShortTimelock {
         k = _k;
         maxValidators = _maxValidators;
     }

diff --git a/contracts/Tokens/RPLVault.sol b/contracts/Tokens/RPLVault.sol
@@ -163,7 +163,7 @@ contract RPLVault is UpgradeableBase, ERC4626Upgradeable {
 
     /**ADMIN FUNCTIONS */
 
-    function setAdminFee(uint256 _adminFeeBasePoint) external onlyAdmin {
+    function setAdminFee(uint256 _adminFeeBasePoint) external onlyShortTimelock {
         require(_adminFeeBasePoint <= 1e5, 'Fee too high');
         adminFeeBasisPoint = _adminFeeBasePoint;
     }
@@ -175,7 +175,7 @@ contract RPLVault is UpgradeableBase, ERC4626Upgradeable {
      * It's expressed in base points, where 1e5 represents 100%.
      * @param _wethCoverageRatio The new WETH coverage ratio to be set (in base points).
      */
-    function setWETHCoverageRatio(uint256 _wethCoverageRatio) external onlyAdmin {
+    function setWETHCoverageRatio(uint256 _wethCoverageRatio) external onlyShortTimelock {
         wethCoverageRatio = _wethCoverageRatio;
     }
 
@@ -186,7 +186,7 @@ contract RPLVault is UpgradeableBase, ERC4626Upgradeable {
      * This could be useful to ensure the contract's health and stability.
      * @param _enforceWethCoverageRatio True if the WETH coverage ratio should be enforced, otherwise false.
      */
-    function setEnforceWethCoverageRatio(bool _enforceWethCoverageRatio) external onlyAdmin {
+    function setEnforceWethCoverageRatio(bool _enforceWethCoverageRatio) external onlyShortTimelock {
         enforceWethCoverageRatio = _enforceWethCoverageRatio;
     }
 

diff --git a/contracts/UpgradeableBase.sol b/contracts/UpgradeableBase.sol
@@ -41,8 +41,18 @@ abstract contract UpgradeableBase is UUPSUpgradeable, ReentrancyGuard {
         _;
     }
 
-    modifier only24HourTimelock() {
-        require(_directory.hasRole(Constants.TIMELOCK_24_HOUR, msg.sender), 'Can only be called by 24 hour timelock!');
+    modifier onlyShortTimelock() {
+        require(_directory.hasRole(Constants.TIMELOCK_SHORT, msg.sender), 'Can only be called by short timelock!');
+        _;
+    }
+
+    modifier onlyMediumTimelock() {
+        require(_directory.hasRole(Constants.TIMELOCK_MED, msg.sender), 'Can only be called by medium timelock!');
+        _;
+    }
+
+    modifier onlyLongTimelock() {
+        require(_directory.hasRole(Constants.TIMELOCK_LONG, msg.sender), 'Can only be called by long timelock!');
         _;
     }
 
@@ -54,5 +64,5 @@ abstract contract UpgradeableBase is UUPSUpgradeable, ReentrancyGuard {
         return _getImplementation();
     }
 
-    function _authorizeUpgrade(address) internal virtual override onlyAdmin {}
+    function _authorizeUpgrade(address) internal virtual override onlyLongTimelock {}
 }
diff --git a/contracts/Utils/Constants.sol b/contracts/Utils/Constants.sol
@@ -6,7 +6,9 @@ library Constants {
     bytes32 internal constant ADMIN_ROLE = keccak256('ADMIN_ROLE');
     bytes32 internal constant ADMIN_SERVER_ROLE = keccak256('ADMIN_SERVER_ROLE');
     bytes32 internal constant CORE_PROTOCOL_ROLE = keccak256('CORE_PROTOCOL_ROLE');
-    bytes32 internal constant TIMELOCK_24_HOUR = keccak256('TIMELOCK_24_HOUR');
+    bytes32 internal constant TIMELOCK_SHORT = keccak256('TIMELOCK_SHORT');
+    bytes32 internal constant TIMELOCK_MED = keccak256('TIMELOCK_SHORT');
+    bytes32 internal constant TIMELOCK_LONG = keccak256('TIMELOCK_SHORT');
 
     // DIRECTORY
     string public constant CONTRACT_NOT_FOUND_ERROR = 'Directory: contract not found!';

diff --git a/contracts/Whitelist/Whitelist.sol b/contracts/Whitelist/Whitelist.sol
@@ -180,7 +180,7 @@ contract Whitelist is UpgradeableBase {
     ///      It emits the 'OperatorRemoved' event to notify when an operator has been successfully removed.
     /// @param nodeOperator The address of the operator to be removed.
     /// @dev Throws no errors during execution.
-    function removeOperator(address nodeOperator) public only24HourTimelock {
+    function removeOperator(address nodeOperator) public onlyShortTimelock {
         _removeOperator(nodeOperator);
         emit OperatorRemoved(nodeOperator);
     }
@@ -205,7 +205,7 @@ contract Whitelist is UpgradeableBase {
     ///      It removes valid operators and emits the 'OperatorsRemoved' event.
     /// @param operators An array of addresses representing the operators to be removed.
     /// @dev Throws no errors during execution.
-    function removeOperators(address[] memory operators) public only24HourTimelock {
+    function removeOperators(address[] memory operators) public onlyShortTimelock {
         for (uint i = 0; i < operators.length; i++) {
             _removeOperator(operators[i]);
         }

diff --git a/docs/index.md b/docs/index.md
@@ -1788,10 +1788,10 @@ modifier onlyProtocolOrAdmin()
 modifier onlyProtocol()
 ```
 
-### only24HourTimelock
+### onlyShortTimelock
 
 ```solidity
-modifier only24HourTimelock()
+modifier onlyShortTimelock()
 ```
 
 ### getDirectory
@@ -1832,10 +1832,10 @@ bytes32 ADMIN_SERVER_ROLE
 bytes32 CORE_PROTOCOL_ROLE
 ```
 
-### TIMELOCK_24_HOUR
+### TIMELOCK_SHORT
 
 ```solidity
-bytes32 TIMELOCK_24_HOUR
+bytes32 TIMELOCK_SHORT
 ```
 
 ### CONTRACT_NOT_FOUND_ERROR