I like this approach, it’s pretty elegant way to avoid this type of attack. Regarding timeframe, I propose to go with 48h + 24h. And regarding the idea, it’s interesting that I have never saw this idea before, maybe someone else saw the similar idea in different protocol?