# Developer Origin Energy Limit
It is highly recommended to set an appropriate developer origin energy limit before deploying a contract to Mainnet. If a contract uses a low user energy pay ratio (developer pays most energy), but suffers from attacks/vulnerabilities as described in previous sections, the developer should set an _origin_energy_limit_ during deployment. Regardless of the attack type, the developer will not use more than _origin_energy_limit_ (in Energy) for each smart contract execution. This parameter prevents malicious attacks and fee penalties set by _fee_limit_. Each execution is limited to this amount of energy maximum. By default, contracts deployed without this parameter (including legacy contracts before this feature was enabled) are set to 1e7 Energy. Setting it to a value larger than 1e7 produces an error.
This value can be set in Tron-Box and Tron-Web:
For Tron-Box smart contract deployment, all global settings are in the **tronbox.js** file. Within this file, there is a parameter called _originEnergyLimit_, which refers to the developer origin energy limit.
The _tronweb.contract.new_ API call takes in a parameter called _originEnergyLimit_. This parameter refers to the developer origin energy limit.
# Updating Developer Origin Energy Limit
After a contract deploys, it's developer origin energy limit can be adjusted through the [updateEnergyLimit](🔗) endpoint. Sign & broadcast the call to ensure it takes effect.