This is done to allow governance proposals to grant to a voter from
arbitrary token accounts, as long as it's the voter themselves who
executes the proposal once the vote has succeeded.
The vote power computation was broken for lockups that start very far
in the future.
- Fix the underflow itself
- Disallow lockups that start more than 100 years in the future
- Error if the lockup-scaled voting power is bigger than the maximum
lockup voting power
and can only be called once for each voter_authority.
Now that there's a separate "Grant" instruction, there's no longer a
need for CreateVoter to be idempotent and be callable on foreign
accounts.
Calling create voter manually on a PDA account could have allowed
automation.
- Make Registrar zero-copy. While it was using borsh for serialization,
the array of voting mint configs couldn't be serialized without
unaligned references.
- Reorganize all zero_copy fields such that switching to repr(C) would
not make a difference. (just for safety in case that happens)
- Add static asserts on the sizes of all account structs, so any changes
are visible very early.
- Add padding to structs that didn't have it yet.