blockworks-foundation
/
sbv2-solana
mirror of https://github.com/blockworks-foundation/sbv2-solana.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: pull monorepo changes (#173) 

* Project import generated by Copybara.

GitOrigin-RevId: 5aae5e514cbb815872967735716823f422a6316a

* chore: Update pnpm lockfile

---------

Co-authored-by: Copybara <copybara@example.com>
Co-authored-by: gallynaut <gallynaut@users.noreply.github.com>
This commit is contained in:
gallynaut 2023-11-28 17:15:32 -07:00 committed by GitHub
parent 7feef95406
commit d049b53fe7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
24 changed files with 1683 additions and 1020 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/functions/01_basic_oracle/Cargo.lock generated
View File

@ -4509,7 +4509,7 @@ dependencies = [
[[package]]
name = "switchboard-solana"
version = "0.29.70"
version = "0.29.71"
dependencies = [
"anchor-client",
"anchor-lang",

2
examples/functions/01_basic_oracle/Cargo.toml
View File

@ -19,6 +19,6 @@ cpi = ["no-entrypoint"]
default = []
[dependencies]
# switchboard-solana = { version = "0.28.43" }
# switchboard-solana = { version = "0.29.70" }
switchboard-solana = { path = "../../../rust/switchboard-solana" }
bytemuck = "^1"

2
examples/functions/01_basic_oracle/package.json
View File

@ -15,7 +15,7 @@
"@coral-xyz/anchor": "^0.28.0",
"@solana/spl-token": "^0.3.6",
"@solana/web3.js": "^1.78.0",
"@switchboard-xyz/solana.js": "*"
"@switchboard-xyz/solana.js": "^3"
},
"devDependencies": {
"@types/bn.js": "^5.1.0",

17
examples/functions/01_basic_oracle/src/actions/refresh_prices.rs
View File

@ -10,14 +10,17 @@ pub struct RefreshPrices<'info> {
pub oracle: AccountLoader<'info, MyOracleState>,
// We use this to verify the functions enclave state
pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
#[account(
// constraint = switchboard_routine.validate_signer(
// switchboard_function.to_account_info().as_ref(),
// enclave_signer.to_account_info().as_ref()
// )?
constraint = function.load()?.validate_routine(
&routine,
&enclave_signer.to_account_info(),
)?
)]
pub switchboard_routine: Box<Account<'info, FunctionRoutineAccountData>>,
pub function: AccountLoader<'info, FunctionAccountData>,
#[account(
has_one = function,
)]
pub routine: Box<Account<'info, FunctionRoutineAccountData>>,
pub enclave_signer: Signer<'info>,
}
@ -30,7 +33,7 @@ impl RefreshPrices<'_> {
pub fn validate(
&self,
_ctx: &Context<Self>,
_params: &RefreshPricesParams
_params: &RefreshPricesParams,
) -> anchor_lang::Result<()> {
Ok(())
}

4
examples/functions/01_basic_oracle/src/actions/set_function.rs
View File

@ -11,7 +11,11 @@ pub struct SetFunction<'info> {
)]
pub program: AccountLoader<'info, MyProgramState>,
// Make sure the function has at least one MrEnclave measurement defined.
pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
#[account(
constraint = switchboard_routine.function == switchboard_function.key()
)]
pub switchboard_routine: Box<Account<'info, FunctionRoutineAccountData>>,
pub authority: Signer<'info>,

2
examples/functions/01_basic_oracle/switchboard-function/Cargo.lock generated
View File

@ -4717,7 +4717,7 @@ dependencies = [
[[package]]
name = "switchboard-solana"
version = "0.29.70"
version = "0.29.71"
dependencies = [
"anchor-client",
"anchor-lang",

635
examples/functions/04_randomness_callback/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

6
examples/functions/04_randomness_callback/Cargo.toml
View File

@ -19,6 +19,6 @@ default = []
[dependencies]
bytemuck = "^1"
anchor-spl = "0.28.0"
switchboard-solana = "0.28.43"
# switchboard-solana = { path = "../../../rust/switchboard-solana" }
anchor-spl = "0.29.0"
# switchboard-solana = "0.29.70"
switchboard-solana = { path = "../../../rust/switchboard-solana" }

15
examples/functions/04_randomness_callback/src/lib.rs
View File

@ -6,6 +6,9 @@ pub use utils::*;
pub mod error;
pub use error::*;
// use std::cell::Ref;
// use std::ops::Deref;
// pub use switchboard_solana::prelude::anchor_lang;
// pub use switchboard_solana::prelude::anchor_spl;
@ -26,7 +29,8 @@ pub mod custom_randomness_request {
pub fn house_init(ctx: Context<HouseInit>, max_guess: u8) -> Result<()> {
let mut house = ctx.accounts.house.load_init()?;
house.bump = *ctx.bumps.get("house").unwrap();
// house.bump = *ctx.bumps.get("house").unwrap();
house.bump = ctx.bumps.house;
house.authority = ctx.accounts.authority.key();
house.function = ctx.accounts.function.key();
house.token_wallet = ctx.accounts.house_token_wallet.key();
@ -44,7 +48,8 @@ pub mod custom_randomness_request {
pub fn user_init(ctx: Context<UserInit>) -> Result<()> {
let mut user = ctx.accounts.user.load_init()?;
user.bump = *ctx.bumps.get("user").unwrap();
// user.bump = *ctx.bumps.get("user").unwrap();
user.bump = ctx.bumps.user;
user.authority = ctx.accounts.payer.key();
user.token_wallet = ctx.accounts.user_token_wallet.key();
@ -342,9 +347,9 @@ pub struct UserSettle<'info> {
pub function: AccountLoader<'info, FunctionAccountData>,
#[account(
constraint = request.validate_signer(
&function.to_account_info(),
&enclave_signer.to_account_info()
)? @ RandomnessRequestError::FunctionValidationFailed,
&function,
&enclave_signer.to_account_info(),
)?
)]
pub request: Box<Account<'info, FunctionRequestAccountData>>,
pub enclave_signer: Signer<'info>,

1572
examples/functions/04_randomness_callback/switchboard-function/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

2
examples/functions/04_randomness_callback/switchboard-function/Cargo.toml
View File

@ -12,7 +12,7 @@ path = "src/main.rs"
[dependencies]
tokio = "^1"
futures = "0.3"
# switchboard-solana = "0.28.43"
# switchboard-solana = "0.29.70"
switchboard-solana = { path = "../../../../rust/switchboard-solana", features = [
"macros",
] }

29
pnpm-lock.yaml
View File

@ -149,7 +149,7 @@ importers:
specifier: ^1.78.0
version: 1.78.3
'@switchboard-xyz/solana.js':
specifier: '*'
specifier: ^3
version: link:../../../javascript/solana.js
devDependencies:
'@types/bn.js':
@ -2405,7 +2405,7 @@ packages:
/call-bind@1.0.2:
resolution: {integrity: sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==}
dependencies:
function-bind: 1.1.1
function-bind: 1.1.2
get-intrinsic: 1.2.1
dev: true
@ -3594,10 +3594,6 @@ packages:
dev: true
optional: true
/function-bind@1.1.1:
resolution: {integrity: sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==}
dev: true
/function-bind@1.1.2:
resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==}
dev: true
@ -3641,7 +3637,7 @@ packages:
/get-intrinsic@1.2.1:
resolution: {integrity: sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==}
dependencies:
function-bind: 1.1.1
function-bind: 1.1.2
has: 1.0.3
has-proto: 1.0.1
has-symbols: 1.0.3
@ -3840,7 +3836,7 @@ packages:
resolution: {integrity: sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==}
engines: {node: '>= 0.4.0'}
dependencies:
function-bind: 1.1.1
function-bind: 1.1.2
dev: true
/hasown@2.0.0:
@ -4015,12 +4011,6 @@ packages:
ci-info: 3.8.0
dev: true
/is-core-module@2.13.0:
resolution: {integrity: sha512-Z7dk6Qo8pOCp3l4tsX2C5ZVas4V+UxwQodwZhLopL91TX8UyyHEXafPcyoeeWuLrwzHcr3igO78wNLwHJHsMCQ==}
dependencies:
has: 1.0.3
dev: true
/is-core-module@2.13.1:
resolution: {integrity: sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==}
dependencies:
@ -5246,7 +5236,7 @@ packages:
resolution: {integrity: sha512-HFM8rkZ+i3zrV+4LQjwQ0W+ez98pApMGM3HUrN04j3CqzPOzl9nmP15Y8YXNm8QHGv/eacOVEjqhmWpkRV0NAw==}
engines: {node: '>= 0.10'}
dependencies:
resolve: 1.22.3
resolve: 1.22.8
dev: true
/redent@3.0.0:
@ -5314,15 +5304,6 @@ packages:
resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==}
dev: true
/resolve@1.22.3:
resolution: {integrity: sha512-P8ur/gp/AmbEzjr729bZnLjXK5Z+4P0zhIJgBgzqRih7hL7BOukHGtSTA3ACMY467GRFz3duQsi0bDZdR7DKdw==}
hasBin: true
dependencies:
is-core-module: 2.13.0
path-parse: 1.0.7
supports-preserve-symlinks-flag: 1.0.0
dev: true
/resolve@1.22.8:
resolution: {integrity: sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==}
hasBin: true

2
rust/switchboard-solana/Cargo.anchor27.lock
View File

@ -4477,7 +4477,7 @@ dependencies = [
[[package]]
name = "switchboard-solana"
version = "0.27.70"
version = "0.27.71"
dependencies = [
"anchor-client",
"anchor-lang",

2
rust/switchboard-solana/Cargo.anchor27.toml
View File

@ -1,6 +1,6 @@
[package]
name = "switchboard-solana"
version = "0.27.70"
version = "0.27.71"
edition = "2021"
resolver = "2"
description = "A Rust library to interact with Switchboard accounts."

2
rust/switchboard-solana/Cargo.anchor28.lock
View File

@ -5115,7 +5115,7 @@ dependencies = [
[[package]]
name = "switchboard-solana"
version = "0.28.70"
version = "0.28.71"
dependencies = [
"anchor-client",
"anchor-lang",

2
rust/switchboard-solana/Cargo.anchor28.toml
View File

@ -1,6 +1,6 @@
[package]
name = "switchboard-solana"
version = "0.28.70"
version = "0.28.71"
edition = "2021"
resolver = "2"
description = "A Rust library to interact with Switchboard accounts."

2
rust/switchboard-solana/Cargo.lock generated
View File

@ -5040,7 +5040,7 @@ dependencies = [
[[package]]
name = "switchboard-solana"
version = "0.29.70"
version = "0.29.71"
dependencies = [
"anchor-client",
"anchor-lang",

2
rust/switchboard-solana/Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "switchboard-solana"
version = "0.29.70"
version = "0.29.71"
edition = "2021"
resolver = "2"
description = "A Rust library to interact with Switchboard accounts."

186
rust/switchboard-solana/src/attestation_program/accounts/function.rs
View File

@ -371,32 +371,192 @@ impl FunctionAccountData {
///
/// # Arguments
///
/// * `function_account_info` - Solana AccountInfo for a FunctionAccountData
/// * `signer` - Solana AccountInfo for a signer
pub fn validate_signer<'a>(
function_account_info: &'a AccountInfo<'a>,
signer: &AccountInfo<'a>,
) -> anchor_lang::Result<bool> {
/// * `signer` - Solana AccountInfo for a signer\
#[deprecated(
since = "0.28.35",
note = "please use a `FunctionRoutineAccountData` for all scheduled executions"
)]
pub fn validate_signer<'a>(&self, signer: &AccountInfo<'a>) -> anchor_lang::Result<bool> {
// deserialize accounts and verify the owner
let function_loader =
AccountLoader::<'_, FunctionAccountData>::try_from(function_account_info)?;
let func = function_loader.load()?;
// TODO: validate the seeds and bump
// validate the enclaves enclave is not empty
if func.enclave.mr_enclave == [0u8; 32] {
if self.enclave.mr_enclave == [0u8; 32] {
return Ok(false);
}
// validate the enclaves delegated signer matches
if func.enclave.enclave_signer != signer.key() {
if self.enclave.enclave_signer != signer.key() {
return Ok(false);
}
// validate the function was verified and it is not expired
Ok(func.enclave.is_verified(&Clock::get()?))
Ok(self.enclave.is_verified(&Clock::get()?))
}
/// Validates that the provided request is assigned to the same `AttestationQueueAccountData` as the function and the
/// provided `enclave_signer` matches the `enclave_signer` stored in the request's `active_request` field.
///
/// # Arguments
///
/// * `request` - The `FunctionRequestAccountData` being validated.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if:
/// * the function and request have different attestation queues
/// * the request's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
/// Returns `Ok(true)` if the validation succeeds, `Ok(false)` otherwise.
///
/// # Examples
///
/// ```ignore
/// use switchboard_solana::FunctionRequestAccountData;
///
/// #[derive(Accounts)]
/// pub struct Settle<'info> {
/// // YOUR PROGRAM ACCOUNTS
/// #[account(
/// mut,
/// has_one = switchboard_request,
/// )]
/// pub user: AccountLoader<'info, UserState>,
///
/// // SWITCHBOARD ACCOUNTS
/// #[account(
/// constraint = function.load()?.validate_request(
/// &request,
/// &enclave_signer.to_account_info()
/// )?
/// )]
/// pub function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// has_one = function,
/// )]
/// pub request: Box<Account<'info, FunctionRequestAccountData>>,
/// pub enclave_signer: Signer<'info>,
/// }
/// ```
pub fn validate_request(
&self,
request: &FunctionRequestAccountData,
enclave_signer: &AccountInfo,
) -> anchor_lang::Result<bool> {
if request.attestation_queue != self.attestation_queue {
msg!(
"AttestationQueueMismatch: fn: {}, request: {}",
self.attestation_queue,
request.attestation_queue
);
return Ok(false);
}
if request.active_request.enclave_signer != enclave_signer.key() {
msg!(
"SignerMismatch: expected {}, received {}",
request.active_request.enclave_signer,
enclave_signer.key()
);
return Ok(false);
}
// Verify the enclave signer signed the transaction
if enclave_signer.signer_key().is_none() {
msg!(
"enclave_signer ({}) did not sign the transaction",
enclave_signer.key()
);
return Ok(false);
}
Ok(true)
}
/// Validates that the provided routine is assigned to the same `AttestationQueueAccountData` as the function and the
/// provided `enclave_signer` matches the `enclave_signer` stored in the routine's `enclave_signer` field.
///
/// # Arguments
///
/// * `routine` - The `FunctionRoutineAccountData` being validated.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if:
/// * the function and routine have different attestation queues
/// * the routine's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
/// Returns `Ok(true)` if the validation succeeds, `Ok(false)` otherwise.
///
/// # Examples
///
/// ```ignore
/// use switchboard_solana::FunctionRoutineAccountData;
///
/// #[derive(Accounts)]
/// pub struct Settle<'info> {
/// // YOUR PROGRAM ACCOUNTS
/// #[account(
/// mut,
/// has_one = switchboard_routine,
/// )]
/// pub user: AccountLoader<'info, UserState>,
///
/// // SWITCHBOARD ACCOUNTS
/// pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// constraint = switchboard_routine.validate_signer(
/// &switchboard_function.to_account_info(),
/// &enclave_signer.to_account_info()
/// )?
/// )]
/// pub switchboard_routine: Box<Account<'info, FunctionRoutineAccountData>>,
/// pub enclave_signer: Signer<'info>,
/// }
/// ```
pub fn validate_routine(
&self,
routine: &FunctionRoutineAccountData,
enclave_signer: &AccountInfo,
) -> anchor_lang::Result<bool> {
if routine.attestation_queue != self.attestation_queue {
msg!(
"AttestationQueueMismatch: fn: {}, routine: {}",
self.attestation_queue,
routine.attestation_queue
);
return Ok(false);
}
// validate the enclaves delegated signer matches
if routine.enclave_signer != enclave_signer.key() {
msg!(
"EnclaveSignerMismatch: expected {}, received {}",
routine.enclave_signer,
enclave_signer.key()
);
return Ok(false);
}
// Verify the enclave signer signed the transaction
if enclave_signer.signer_key().is_none() {
msg!(
"enclave_signer ({}) did not sign the transaction",
enclave_signer.key()
);
return Ok(false);
}
Ok(true)
}
#[deprecated(

43
rust/switchboard-solana/src/attestation_program/accounts/request.anchor27.rs
View File

@ -146,8 +146,6 @@ where
_ebuf: deserialize_round_ebuf_slice(buf)?,
})
}
}
// #[account]
@ -297,8 +295,6 @@ where
_ebuf: deserialize_ebuf_slice(buf)?,
})
}
}
impl anchor_lang::AccountSerialize for FunctionRequestAccountData {
@ -391,18 +387,22 @@ impl FunctionRequestAccountData {
true
}
/// Validates the given `signer` account against the `function_account_info` and the `active_request`
/// stored in this `FunctionRequestAccountData`.
/// Validates that the provided request is assigned to the same `AttestationQueueAccountData` as the function and the
/// provided `enclave_signer` matches the `enclave_signer` stored in the request's `active_request` field.
///
/// # Arguments
///
/// * `function_account_info` - The `AccountInfo` of the function account.
/// * `signer` - The `AccountInfo` of the account to validate.
/// * `request` - The `FunctionRequestAccountData` being validated.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if the function account data cannot be loaded or if the `signer` account does not match
/// the expected `enclave_signer` stored in the `active_request`.
/// Returns an error if:
/// * the function cannot be deserialized
/// * the function is not assigned to the request
/// * the function and request have different attestation queues
/// * the request's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
@ -426,7 +426,7 @@ impl FunctionRequestAccountData {
/// pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// constraint = switchboard_request.validate_signer(
/// &switchboard_function.to_account_info(),
/// &switchboard_function,
/// &enclave_signer.to_account_info()
/// )?
/// )]
@ -436,12 +436,9 @@ impl FunctionRequestAccountData {
/// ```
pub fn validate_signer<'a>(
&self,
function_account_info: &'a AccountInfo<'a>,
signer: &AccountInfo<'a>,
function_loader: &AccountLoader<'a, FunctionAccountData>,
enclave_signer: &AccountInfo<'a>,
) -> anchor_lang::Result<bool> {
let function_loader =
AccountLoader::<'a, FunctionAccountData>::try_from(function_account_info)?;
if self.function != function_loader.key() {
msg!(
"FunctionMismatch: expected {}, received {}",
@ -451,19 +448,9 @@ impl FunctionRequestAccountData {
return Ok(false);
}
function_loader.load()?; // check owner/discriminator
let func = function_loader.load()?; // check owner/discriminator
// validate the enclaves delegated signer matches
if self.active_request.enclave_signer != signer.key() {
msg!(
"SignerMismatch: expected {}, received {}",
self.active_request.enclave_signer,
signer.key()
);
return Ok(false);
}
Ok(true)
func.validate_request(self, enclave_signer)
}
}

42
rust/switchboard-solana/src/attestation_program/accounts/request.anchor28.rs
View File

@ -236,18 +236,22 @@ impl FunctionRequestAccountData {
true
}
/// Validates the given `signer` account against the `function_account_info` and the `active_request`
/// stored in this `FunctionRequestAccountData`.
/// Validates that the provided request is assigned to the same `AttestationQueueAccountData` as the function and the
/// provided `enclave_signer` matches the `enclave_signer` stored in the request's `active_request` field.
///
/// # Arguments
///
/// * `function_account_info` - The `AccountInfo` of the function account.
/// * `signer` - The `AccountInfo` of the account to validate.
/// * `request` - The `FunctionRequestAccountData` being validated.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if the function account data cannot be loaded or if the `signer` account does not match
/// the expected `enclave_signer` stored in the `active_request`.
/// Returns an error if:
/// * the function cannot be deserialized
/// * the function is not assigned to the request
/// * the function and request have different attestation queues
/// * the request's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
@ -271,7 +275,7 @@ impl FunctionRequestAccountData {
/// pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// constraint = switchboard_request.validate_signer(
/// &switchboard_function.to_account_info(),
/// &switchboard_function,
/// &enclave_signer.to_account_info()
/// )?
/// )]
@ -281,33 +285,21 @@ impl FunctionRequestAccountData {
/// ```
pub fn validate_signer<'a>(
&self,
function_account_info: &'a AccountInfo<'a>,
signer: &AccountInfo<'a>,
function_loader: &AccountLoader<'a, FunctionAccountData>,
enclave_signer: &AccountInfo<'a>,
) -> anchor_lang::Result<bool> {
if self.function != function_account_info.key() {
if self.function != function_loader.key() {
msg!(
"FunctionMismatch: expected {}, received {}",
self.function,
function_account_info.key()
function_loader.key()
);
return Ok(false);
}
let function_loader =
AccountLoader::<'_, FunctionAccountData>::try_from(function_account_info)?;
function_loader.load()?; // check owner/discriminator
let func = function_loader.load()?; // check owner/discriminator
// validate the enclaves delegated signer matches
if self.active_request.enclave_signer != signer.key() {
msg!(
"SignerMismatch: expected {}, received {}",
self.active_request.enclave_signer,
signer.key()
);
return Ok(false);
}
Ok(true)
func.validate_request(self, enclave_signer)
}
}

39
rust/switchboard-solana/src/attestation_program/accounts/request.rs
View File

@ -427,18 +427,22 @@ impl FunctionRequestAccountData {
true
}
/// Validates the given `signer` account against the `function_account_info` and the `active_request`
/// stored in this `FunctionRequestAccountData`.
/// Validates that the provided request is assigned to the same `AttestationQueueAccountData` as the function and the
/// provided `enclave_signer` matches the `enclave_signer` stored in the request's `active_request` field.
///
/// # Arguments
///
/// * `function_account_info` - The `AccountInfo` of the function account.
/// * `signer` - The `AccountInfo` of the account to validate.
/// * `request` - The `FunctionRequestAccountData` being validated.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if the function account data cannot be loaded or if the `signer` account does not match
/// the expected `enclave_signer` stored in the `active_request`.
/// Returns an error if:
/// * the function cannot be deserialized
/// * the function is not assigned to the request
/// * the function and request have different attestation queues
/// * the request's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
@ -462,7 +466,7 @@ impl FunctionRequestAccountData {
/// pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// constraint = switchboard_request.validate_signer(
/// &switchboard_function.to_account_info(),
/// &switchboard_function,
/// &enclave_signer.to_account_info()
/// )?
/// )]
@ -472,12 +476,9 @@ impl FunctionRequestAccountData {
/// ```
pub fn validate_signer<'a>(
&self,
function_account_info: &'a AccountInfo<'a>,
signer: &AccountInfo<'a>,
function_loader: &AccountLoader<'a, FunctionAccountData>,
enclave_signer: &AccountInfo<'a>,
) -> anchor_lang::Result<bool> {
let function_loader =
AccountLoader::<'a, FunctionAccountData>::try_from(function_account_info)?;
if self.function != function_loader.key() {
msg!(
"FunctionMismatch: expected {}, received {}",
@ -487,19 +488,9 @@ impl FunctionRequestAccountData {
return Ok(false);
}
function_loader.load()?; // check owner/discriminator
let func = function_loader.load()?; // check owner/discriminator
// validate the enclaves delegated signer matches
if self.active_request.enclave_signer != signer.key() {
msg!(
"SignerMismatch: expected {}, received {}",
self.active_request.enclave_signer,
signer.key()
);
return Ok(false);
}
Ok(true)
func.validate_request(self, enclave_signer)
}
}

47
rust/switchboard-solana/src/attestation_program/accounts/routine.anchor28.rs
View File

@ -282,18 +282,22 @@ impl FunctionRoutineAccountData {
self.is_disabled.into()
}
/// Validates the given `signer` account against the `function_account_info` and the enclave_signer
/// Validates the given `signer` account against the `function_loader` and the enclave_signer
/// stored in this `FunctionRoutineAccountData`.
///
/// # Arguments
///
/// * `function_account_info` - The `AccountInfo` of the function account.
/// * `signer` - The `AccountInfo` of the account to validate.
/// * `function_loader` - The `AccountLoader` of the function account to validate.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if the function account data cannot be loaded or if the `signer` account does not match
/// the expected `enclave_signer`.
/// Returns an error if:
/// * the function cannot be deserialized
/// * the routine is not assigned to the function
/// * the function and routine have different attestation queues
/// * the routine's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
@ -317,7 +321,7 @@ impl FunctionRoutineAccountData {
/// pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// constraint = switchboard_routine.validate_signer(
/// &switchboard_function.to_account_info(),
/// &switchboard_function,
/// &enclave_signer.to_account_info()
/// )?
/// )]
@ -327,42 +331,21 @@ impl FunctionRoutineAccountData {
/// ```
pub fn validate_signer<'a>(
&self,
function_account_info: &'a AccountInfo<'a>,
signer: &AccountInfo<'a>,
function_loader: &AccountLoader<'a, FunctionAccountData>,
enclave_signer: &AccountInfo<'a>,
) -> anchor_lang::Result<bool> {
if self.function != function_account_info.key() {
if self.function != function_loader.key() {
msg!(
"FunctionMismatch: expected {}, received {}",
self.function,
function_account_info.key()
function_loader.key()
);
return Ok(false);
}
let function_loader =
AccountLoader::<'_, FunctionAccountData>::try_from(function_account_info)?;
let func = function_loader.load()?; // check owner/discriminator
if self.attestation_queue != func.attestation_queue {
msg!(
"QueueMismatch: expected {}, received {}",
self.attestation_queue,
func.attestation_queue
);
return Ok(false);
}
// validate the enclaves delegated signer matches
if self.enclave_signer != signer.key() {
msg!(
"SignerMismatch: expected {}, received {}",
self.enclave_signer,
signer.key()
);
return Ok(false);
}
Ok(true)
func.validate_routine(self, enclave_signer)
}
pub fn get_name(&self) -> String {

44
rust/switchboard-solana/src/attestation_program/accounts/routine.rs
View File

@ -286,18 +286,22 @@ impl FunctionRoutineAccountData {
self.is_disabled.into()
}
/// Validates the given `signer` account against the `function_account_info` and the enclave_signer
/// Validates the given `signer` account against the `function_loader` and the enclave_signer
/// stored in this `FunctionRoutineAccountData`.
///
/// # Arguments
///
/// * `function_account_info` - The `AccountInfo` of the function account.
/// * `signer` - The `AccountInfo` of the account to validate.
/// * `function_loader` - The `AccountLoader` of the function account to validate.
/// * `enclave_signer` - The `AccountInfo` of the enclave signer to validate.
///
/// # Errors
///
/// Returns an error if the function account data cannot be loaded or if the `signer` account does not match
/// the expected `enclave_signer`.
/// Returns an error if:
/// * the function cannot be deserialized
/// * the routine is not assigned to the function
/// * the function and routine have different attestation queues
/// * the routine's verified signer does not match the provided `enclave_signer`
/// * the `enclave_signer` did not sign the transaction
///
/// # Returns
///
@ -321,7 +325,7 @@ impl FunctionRoutineAccountData {
/// pub switchboard_function: AccountLoader<'info, FunctionAccountData>,
/// #[account(
/// constraint = switchboard_routine.validate_signer(
/// &switchboard_function.to_account_info(),
/// &switchboard_function,
/// &enclave_signer.to_account_info()
/// )?
/// )]
@ -331,12 +335,9 @@ impl FunctionRoutineAccountData {
/// ```
pub fn validate_signer<'a>(
&self,
function_account_info: &'a AccountInfo<'a>,
signer: &AccountInfo<'a>,
function_loader: &AccountLoader<'a, FunctionAccountData>,
enclave_signer: &AccountInfo<'a>,
) -> anchor_lang::Result<bool> {
let function_loader =
AccountLoader::<'a, FunctionAccountData>::try_from(function_account_info)?;
if self.function != function_loader.key() {
msg!(
"FunctionMismatch: expected {}, received {}",
@ -348,26 +349,7 @@ impl FunctionRoutineAccountData {
let func = function_loader.load()?; // check owner/discriminator
if self.attestation_queue != func.attestation_queue {
msg!(
"QueueMismatch: expected {}, received {}",
self.attestation_queue,
func.attestation_queue
);
return Ok(false);
}
// validate the enclaves delegated signer matches
if self.enclave_signer != signer.key() {
msg!(
"SignerMismatch: expected {}, received {}",
self.enclave_signer,
signer.key()
);
return Ok(false);
}
Ok(true)
func.validate_routine(self, enclave_signer)
}
pub fn get_name(&self) -> String {