Curvance
  • Protocol Overview
    • Click Less, Earn More
    • Protocol Architecture
    • Asset Types
    • Liquidity Markets
      • Borrowing
      • Liquidations
      • Interest Rates
      • Oracles
      • Collateral Caps
      • Bad Debt Socialization
    • Application Specific Sequencing
    • Multichain Architecture
      • Multichain Gauge System
      • Multichain Vote Escrow System
    • New Age Liquidity Mining
      • Protocols
      • Chains
    • How Are New Assets Integrated
    • Specialized Blockchain Integrations
    • Plugin System
    • Universal Account Balance
    • Token Approval Management
    • Lending Risks
  • CVE Token
    • Token Utility
    • veCVE
      • Curvance DAO
      • Revenue Model
      • Emergency Unlock
  • Security
    • Security and Audits
  • Miscellaneous
    • RPCs and Testnet Stability
    • Glossary
    • TL;DR
      • Customer Types and Benefits
    • Brand Assets
    • Weblinks
    • Disclaimer
    • Frequently Asked Questions
  • Developer Docs
    • Overview
    • Quick Start Guides
      • Atlas Fastlane Auctions (coming soon)
      • Plugin Integration
        • List of Delegable Actions
      • Supply & Collateral
        • Lend Assets
        • Deposit into pTokens
      • Borrowing & Repayment
        • Borrow
        • Repaying Debt
      • Leverage
        • Leveraging
        • Deleveraging
    • Money Market System
      • Market Manager
      • Position Tokens (pToken)
      • Earn Tokens (eTokens)
      • Dynamic Interest Rate Model
      • Universal Balance
    • Position Management
      • Leverage
      • Deleverage / Fold
    • Dynamic Liquidation Engine (DLE)
      • OEV Liquidation System
      • Fallback Queued Liquidations
      • Bad Debt Socialization
    • Plugin & Delegation System
      • Transfer Lock Mechanism
      • Delegable Actions
    • Core Token Ecosystem
      • CVE Token
        • Multichain Support
        • Bridge Mechanisms
      • Voting Escrow CVE (veCVE)
        • Creating a Lock
        • Points System
        • Continuous Lock Mode
        • Offchain Voting Mechanism
        • Early Expiry with Penalty
        • Combining Locks
        • Multichain Lock Migration
        • Epoch Blackout Windows
    • Cross-Chain Functionality
      • Messaging Hub
      • Fee Manager
      • Reward Manager
    • Auxiliary Functionality
Powered by GitBook
On this page
  • Overview
  • Core Functions
Export as PDF
  1. Developer Docs
  2. Plugin & Delegation System

Transfer Lock Mechanism

Overview

The Transfer Lock Mechanism is a critical security component of Curvance's protection system, allowing users to control the transferability of their tokens. Operating as an optional "2FA" layer, this mechanism helps defend against phishing attempts by giving users the ability to temporarily or indefinitely disable token transfers until explicitly re-enabled.

The transfer lock system introduces a security cooldown period when transitioning from a locked to an unlocked state, adding an important time buffer that can prevent attackers from quickly gaining control of assets after compromising an account.

Core Functions

setCooldown()

Description: Sets the duration that transfers will remain restricted after a user disables their transfer lock. This forms the core of the time-delay protection mechanism.

If a user decreases their cooldown, the previous (longer) cooldown will be automatically applied to any pending transfer unlock to prevent a phishing attack where an attacker forces a cooldown reduction.

Contract: CentralRegistry

Function signature:

function setCooldown(uint256 cooldown) external
Type
Name
Description

uint256

cooldown

The length of time (in seconds) that transferability should remain restricted after a lock is disabled. Max value is 52 weeks.

checkTransfersDisabled()

Description: Determines whether a specific user has transfers enabled or disabled. This can be called by any contract or external account to verify a user's transfer permission status.

Contract: CentralRegistry

Function signature:

function checkTransfersDisabled(address user) external view returns (bool)
Type
Name
Description

address

user

The address to check transfer status for

Return data:

Type
Description

bool

Returns true if the user has transfers disabled or if their cooldown period has not yet expired

setTransferLockStatus()

Description: Enables or disables token transferability for the caller. When disabling the lock (enabling transfers), the caller's configured cooldown period will be applied.

  • A user must explicitly flip their transfer lock status (can't set to the same value it already has)

  • When enabling transfers, the cooldown period starts immediately

Contract: CentralRegistry

Function signature:

function setTransferLockStatus(bool transferDisabled) external
Type
Name
Description

bool

transferDisabled

true to lock transfers (disable transferability), false to unlock transfers (enable transferability after cooldown)

PreviousPlugin & Delegation SystemNextDelegable Actions

Last updated 11 hours ago