For the “why a longer delay is better”, it is because human coordination is hard.
Imagine there was a 24-hour governance delay and an attacker initiated a governance attack. The following things would all need to occur within 24 hours:
- Someone notice that an executive vote passed. A bot can do this, but that bot then needs to notify a human but is the human watching the bot awake? are they on a plane? Do they have reliable internet service? Does such a bot exist right now?
- A human needs to evaluate the situation to make sure it wasn’t just a spurious ping by the bot. Bots can have bugs and you wouldn’t want to globally shutdown because of a bug in your bot.
- That human needs to alert other humans to the situation. Are these other humans readily available? What if it is Christmas day and everyone is spending time with family? What if it is DevCon and entire teams are on 18 hour flights across the planet?
- The collected humans need to analyze to make sure this is actually an attack and not a legitimate governance proposal. The Maker Foundation isn’t the only team allowed to submit governance proposals so (IMO) they cannot reasonably just global shutdown anytime someone besides them pushes a proposal through. Even if they did they would need to ensure that it wasn’t coming from within Maker Foundation (again, need to talk to the right set of people).
- Once it was decided that an attack was underway, you now need to coordinate the global shutdown. This process in the best case requires a quorum of multisig holders to sign a transaction. Are a quorum of multisig keyholders available and within reach of their private keys? Again, thinking about a timed attack during Christmas or DevCon this may not necessarily be the case.
A 24-hour governance delay certainly increases the risk of this attack from “risk-free for attacker” to “significant risk to attacker”, and 24 hours is way better than 0. However, I think 7 days is a much more appropriate governance delay as it gives plenty of time for human coordination.