The risk of improper access control has become one of the most devastating attack vectors in Ethereum. When an attacker gains unauthorized access to a privileged account — whether through operational error, insider threat, or social engineering — they can immediately grant themselves any privileged role, execute malicious actions, and revoke legitimate holders to prevent a defensive response. All of this can happen within a very small time window, leaving zero response time for defenders.
Existing partial solutions address time delays at different abstraction levels but leave the role permission layer unprotected. The missing security layer is delaying who can hold a role, not just what a role-holder can do. This proposal provides that layer by introducing configurable waiting periods between role change initiation and automatic activation, giving defenders time to detect, verify, and cancel unauthorized changes before they take effect.
We define three functional modules:
- A delay configuration module for setting per-role grant and revoke delay parameters.
- An effective role evaluation module that determines whether an account holds a role by comparing the current block timestamp against stored activation and revocation timestamps.
- A delay query module for retrieving the current delay configuration.
Together, these modules can enable automatic activation of pending role changes at the point of permission evaluation, providing protocol operators a response window to detect and cancel unauthorized privilege role changes before they take effect.
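As an added illustration (not the proposal's reference code), a hypothetical minimal contract showing the three modules together: per-role delays, scheduled grants and revokes that activate automatically when `hasRole` is evaluated, and a cancel path that gives defenders their response window. Role ids, the single `admin` account, and the `uint48` timestamp packing are assumptions of this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/// Hypothetical example: role changes take effect only after a per-role delay.
contract DelayedRoles {
    struct Delays { uint32 grant; uint32 revoke; }
    struct Membership { uint48 activeFrom; uint48 revokedFrom; } // 0 means not set
    address public immutable admin;
    mapping(bytes32 => Delays) private _delays;
    mapping(bytes32 => mapping(address => Membership)) private _members;
    event RoleGrantScheduled(bytes32 indexed role, address indexed account, uint48 activeFrom);
    event RoleRevokeScheduled(bytes32 indexed role, address indexed account, uint48 revokedFrom);
    event RoleChangeCancelled(bytes32 indexed role, address indexed account);
    modifier onlyAdmin() { require(msg.sender == admin, "not admin"); _; }
    constructor() { admin = msg.sender; }
    // Delay configuration module: per-role grant and revoke delays in seconds.
    function setRoleDelays(bytes32 role, uint32 grantDelay, uint32 revokeDelay) external onlyAdmin {
        _delays[role] = Delays(grantDelay, revokeDelay);
    }
    // Delay query module.
    function getRoleDelays(bytes32 role) external view returns (uint32, uint32) {
        Delays memory d = _delays[role]; return (d.grant, d.revoke);
    }
    // Schedules a grant; it becomes effective once block.timestamp >= activeFrom.
    function grantRole(bytes32 role, address account) external onlyAdmin {
        uint48 activeFrom = uint48(block.timestamp) + _delays[role].grant;
        _members[role][account] = Membership(activeFrom, 0);
        emit RoleGrantScheduled(role, account, activeFrom);
    }
    // Schedules a revoke; the holder keeps the role until block.timestamp >= revokedFrom.
    function revokeRole(bytes32 role, address account) external onlyAdmin {
        Membership storage m = _members[role][account];
        require(m.activeFrom != 0, "no membership");
        m.revokedFrom = uint48(block.timestamp) + _delays[role].revoke;
        emit RoleRevokeScheduled(role, account, m.revokedFrom);
    }
    // Defender response: cancel a grant or revoke that has not yet taken effect.
    function cancelPending(bytes32 role, address account) external onlyAdmin {
        Membership storage m = _members[role][account];
        if (m.activeFrom > block.timestamp) delete _members[role][account];
        else if (m.revokedFrom > block.timestamp) m.revokedFrom = 0;
        else revert("nothing pending");
        emit RoleChangeCancelled(role, account);
    }
    // Effective role evaluation module: pending changes activate here, with no extra transaction.
    function hasRole(bytes32 role, address account) public view returns (bool) {
        Membership memory m = _members[role][account];
        if (m.activeFrom == 0 || block.timestamp < m.activeFrom) return false;
        return m.revokedFrom == 0 || block.timestamp < m.revokedFrom;
    }
}
```

Note that `setRoleDelays` here takes effect immediately, so a compromised admin could zero the delay before granting; a production design should make lowering a delay wait out the old delay and let a separate guardian call `cancelPending`.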
Please feel free to leave any suggestions or discussions.