diff --git a/solana/bridge/program/src/api/verify_signature.rs b/solana/bridge/program/src/api/verify_signature.rs index b0c4b721..085e5fc1 100644 --- a/solana/bridge/program/src/api/verify_signature.rs +++ b/solana/bridge/program/src/api/verify_signature.rs @@ -36,7 +36,8 @@ pub struct VerifySignatures<'b> { pub instruction_acc: Info<'b>, } -impl<'b> InstructionContext<'b> for VerifySignatures<'b> {} +impl<'b> InstructionContext<'b> for VerifySignatures<'b> { +} impl From<&VerifySignatures<'_>> for GuardianSetDerivationData { fn from(data: &VerifySignatures<'_>) -> Self { @@ -66,7 +67,6 @@ struct SecpInstructionPart<'a> { msg_size: u16, } - pub fn verify_signatures( ctx: &ExecutionContext, accs: &mut VerifySignatures, @@ -104,7 +104,7 @@ pub fn verify_signatures( secp_ix_index as usize, &accs.instruction_acc.try_borrow_mut_data()?, ) - .map_err(|_| ProgramError::InvalidAccountData)?; + .map_err(|_| ProgramError::InvalidAccountData)?; // Check that the instruction is actually for the secp program if secp_ix.program_id != solana_program::secp256k1_program::id() { diff --git a/solana/modules/token_bridge/program/src/api/complete_transfer.rs b/solana/modules/token_bridge/program/src/api/complete_transfer.rs index 9d8a5892..20219669 100644 --- a/solana/modules/token_bridge/program/src/api/complete_transfer.rs +++ b/solana/modules/token_bridge/program/src/api/complete_transfer.rs @@ -142,7 +142,7 @@ pub fn complete_native( accs.to.info().key, accs.custody_signer.key, &[], - amount - fee, + amount.checked_sub(fee).unwrap(), )?; invoke_seeded(&transfer_ix, ctx, &accs.custody_signer, None)?; @@ -248,7 +248,11 @@ pub fn complete_wrapped( accs.to.info().key, accs.mint_authority.key, &[], - accs.vaa.amount.as_u64() - accs.vaa.fee.as_u64(), + accs.vaa + .amount + .as_u64() + .checked_sub(accs.vaa.fee.as_u64()) + .unwrap(), )?; invoke_seeded(&mint_ix, ctx, &accs.mint_authority, None)?; diff --git a/solana/modules/token_bridge/program/src/api/transfer.rs b/solana/modules/token_bridge/program/src/api/transfer.rs index 24e3512b..63ca428a 100644 --- a/solana/modules/token_bridge/program/src/api/transfer.rs +++ b/solana/modules/token_bridge/program/src/api/transfer.rs @@ -16,7 +16,10 @@ use crate::{ messages::PayloadTransfer, types::*, TokenBridgeError, - TokenBridgeError::WrongAccountOwner, + TokenBridgeError::{ + InvalidFee, + WrongAccountOwner, + }, }; use bridge::{ accounts::Bridge, @@ -134,6 +137,11 @@ pub fn transfer_native( return Err(TokenBridgeError::InvalidMint.into()); } + // Fee must be less than amount + if data.fee > data.amount { + return Err(InvalidFee.into()); + } + // Verify that the token is not a wrapped token if let COption::Some(mint_authority) = accs.mint.mint_authority { if mint_authority == MintSigner::key(None, ctx.program_id) { @@ -292,6 +300,11 @@ pub fn transfer_wrapped( return Err(TokenBridgeError::InvalidMint.into()); } + // Fee must be less than amount + if data.fee > data.amount { + return Err(InvalidFee.into()); + } + // Verify that meta is correct let derivation_data: WrappedMetaDerivationData = (&*accs).into(); accs.wrapped_meta diff --git a/solana/modules/token_bridge/program/src/lib.rs b/solana/modules/token_bridge/program/src/lib.rs index 77547e2e..1ca9c6ae 100644 --- a/solana/modules/token_bridge/program/src/lib.rs +++ b/solana/modules/token_bridge/program/src/lib.rs @@ -63,6 +63,7 @@ pub enum TokenBridgeError { TokenNotNative, UninitializedMint, WrongAccountOwner, + InvalidFee, } impl From for SolitaireError {