A timelock is a mandatory delay between a governance proposal passing and the approved change taking effect on-chain. It gives holders time to review, exit, or contest a malicious or mistaken change before execution. Paired with a multisig, it is the standard way to govern admin powers without one point of failure.
Without a timelock, passing a governance vote is operationally identical to holding the admin key. With one, the protection is only as good as the delay parameter and the independence of whoever can cancel.
How it works
A timelock delays execution after a vote passes. Once a proposal clears the vote and enters the queue, every participant can read exactly what will happen and when, and decide whether to stay in the protocol given that outcome.
The two-step queue-then-execute pattern is the safeguard. A passed proposal sits in a public pending queue with its full calldata, so anyone can verify what will execute, on which contract, and at what time. Without that observable queue, a timelock provides delay but not accountability.
Design consequence
The delay is a tradeoff. A 24-hour delay on an upgrade lets sophisticated participants review, but a broadly distributed holder base cannot mobilize against a malicious proposal that fast. A 7-day delay gives real reaction time but can block emergency responses to active exploits.
The standard practice is to segment: 24 to 48 hours for routine parameter changes, 48 to 96 hours for contract upgrades, and a separate emergency multisig path with a shorter delay and higher signer threshold for verified critical security patches.
Common mistake
Timelocks pair with multisigs rather than relying on governance alone. The multisig can cancel a queued transaction during the delay, a human-speed backstop against an attack that slipped through quorum. Governance proposes and votes, the timelock enforces delay, and the multisig can cancel but not unilaterally execute.
The failure mode is a delay too short to protect anyone, or a cancel-authority multisig controlled by the same entity that controls the proposal. Auditors check both the delay parameter and the independence of whoever holds cancel power before rating governance risk.
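The queue-then-execute flow and the role split described above, as an added Python model (not contract code, and not from the original page). The account names in the usage are constructed, and letting any caller trigger execution of a matured operation is an assumption of this model.

```python
import hashlib
from dataclasses import dataclass, field

class TimelockError(Exception):
    """Raised when a call violates the timelock's rules."""

@dataclass
class Timelock:
    min_delay: int   # seconds between queueing and earliest execution
    proposer: str    # governance executor: the only account that may queue
    canceller: str   # multisig: may cancel, holds no queue or bypass power
    queue: dict = field(default_factory=dict)  # op id -> (target, calldata, eta)

    def __post_init__(self):
        # Same account on both sides means cancel power is not independent.
        if self.proposer == self.canceller:
            raise TimelockError("canceller must be independent of proposer")

    @staticmethod
    def op_id(target: str, calldata: bytes) -> str:
        return hashlib.sha256(target.encode() + b"|" + calldata).hexdigest()

    def schedule(self, caller: str, target: str, calldata: bytes, now: int) -> str:
        if caller != self.proposer:
            raise TimelockError("only governance may queue")
        oid = self.op_id(target, calldata)
        if oid in self.queue:
            raise TimelockError("already queued")
        self.queue[oid] = (target, calldata, now + self.min_delay)
        return oid

    def pending(self) -> list:
        # Public view: what will run, on which contract, and when.
        return sorted(self.queue.values(), key=lambda op: op[2])

    def cancel(self, caller: str, oid: str) -> None:
        if caller != self.canceller:
            raise TimelockError("only the cancel multisig may cancel")
        if self.queue.pop(oid, None) is None:
            raise TimelockError("nothing queued under that id")

    def execute(self, target: str, calldata: bytes, now: int) -> tuple:
        # Open to any caller (assumption); only a queued, matured operation runs.
        oid = self.op_id(target, calldata)
        if oid not in self.queue:
            raise TimelockError("not queued, or cancelled")
        if now < self.queue[oid][2]:
            raise TimelockError("delay has not elapsed")
        del self.queue[oid]
        return target, calldata
```

Comparing account names is only a proxy for independence: two different addresses can still be controlled by the same entity, which is why the signer set behind the cancel multisig has to be reviewed as well.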
See Tokenomics Audit for how this applies in practice.