* Fix signer parameters (staker, manager, depositor, fee-payer, and
token-owner)
* On deposit / withdraw / add / remove validator, show the validator
stake account and where the stake is going to
* Update all dependencies to 1.7.3, fix issues
* Remove esm from mocha
* Fix missed token test
* Also update rust version
* token-swap: update tolerance on sim test
* Run `cargo clippy --fix` for needless_borrow errors
* Rerun cargo fmt
* first commit
* add schema for stakepool accounts
* got imports working
* add typescript support
* fix schema
* Change to use PublicKey type
* change to camelCase instead
* add type annotations to typescript classes
* add readme
* Add prettier linting
* add instructions to run
* add test section
* prettier clean up schema.ts
* convert index.js to index.ts
* actually use decode method available in Assignable
* rename stakepoolaccount so i can have a wrapper class
* add new class StakePool and change return type of getStakePoolAccounts
* remove extraneous .js files
* update schema to incorporate jon's comments
* remove unnecessary comments
* add helper functions to get individual accounts; cleaned up code
* add Fee, change denominator/numerator to BN
* Add enums so we can check what type an accountType is
* Remove name and ticker in StakePool class
* fix borshjs import
* change outdir to dist/ folder
* Edit package.json
* add toBuffer for schema.PublicKey
* add exports and default exports to index.ts
* fix trailing comma on tsconfig.json
* get mocha test harness working with ts-node, ts-mocha, esm
* fix borsh import
* clean up imports
* add working test script
* remove unneeded borshjs import
* add unit tests for both decodes (WIP)
* no need to console.log in testOnDevnet since we now have a test suite
* Add tests for ValidatorListAccount.decode
* add schema.decode.StakePoolAccount test
* Finish up
* reduce dependencies in package.json
* Add lint command to package.json
* Lint with prettier
* Update README.md with new commands
* Write explanatory comments in index.js
* Small linting change
* feat: introduce new borshjs deserializeUnchecked import
* lint: npm lint
* refactor: upgrade web3js version
* refactor: refactor type names
* refactor: npm run lint
* refactor: improve tsconfig.json
* feat: add declaration and declarationMap to tsconfig.json
* feat: allow getStakePoolAccounts to more robustly handle errors
* Update stake-pool/js/.gitignore
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* Update stake-pool/js/package.json
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* Update stake-pool/js/package.json
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* Update stake-pool/js/package.json
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* Update stake-pool/js/package.json
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* refactor: modify `constructStakePoolSchema` to mutate in place
* lint: remove webpack.config.js
* lint: npm run lint
* lint: add comments above index.ts
* lint: lowercase schema
* feat: add full deserialization test
* Update stake-pool/js/package.json
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* refactor: remove try-catch block in getStakePoolAccounts
* lint: lint
* refactor: use web3js pubkey
* refactor: move integration tests to separate file
* refactor: change test.js to do encode-decode loop
Co-authored-by: Jon Cinque <jon.cinque@gmail.com>
* stake-pool: Add ability to withdraw from transient stakes
It's possible for a very malicious pool staker to constantly increase /
decrease the stake on validators, making it impossible for people to get
their SOL out.
Update the accounting to know how much of the stake is active and how
much is transient and allow users to withdraw from transient accounts,
but only if there's no more active stake.
* Remove mut ickiness
While going back through the docs, I ended up doing a lot of the stake
pool CLI items:
* Deposit / withdraw command: Use associated token account by default
* Create command: Allow passing the stake pool and mint keypair (useful
for testing)
* Create command: Split the transaction for pool creation (required to get under the
transaction size limit)
* Add / remove validator command: take a validator vote account rather than stake
account, which makes integration from outside tools a lot simpler
* Update command: add a `--force` flag to force the update
* Update command: add a `--no-merge` flag to not merge while updating
(useful to allow the pool to work, even if the transient stake
accounts are unmergeable)
* Withdraw: Add `--use-reserve` flag to withdraw from reserve
* Withdraw: Add `--vote-account` arg to specify which validator to
withdraw from
The stake pool expects pool tokens to be delegated to the withdraw
authority before performing a withdrawal. If a user delegates too many
tokens to the withdraw authority, anyone else can take the rest of their
tokens by doing their own withdrawal.
Delegate pool tokens to an ephemeral keypair and sign with that.
* stake-pool: Add depositor key on init, required on deposit
Some stake pools need to be private, and not allow outside depositors.
Enhance the existing deposit authority in the stake pool be configurable
on initialization, and then require its signature on deposit.
The existing deposit authority is a program address, making deposits
permissionless. This allows a pool creator to set their own deposit_authority on
initialization. In a great turn of events, almost everything else works
the same way!
Here's the current workflow for deposit, where the user calls
stake_program::authorize and stake_pool::deposit in the same
transaction:
* stake_program::authorize assigns staker and withdraw authority to the
stake pool deposit authority
* stake_pool::deposit
- uses the deposit authority to assign authority on the deposited
stake account to the stake pool withdraw authority
- uses the withdraw authority to merge the deposited stake into the validator stake
The deposit authority must "sign" the transaction in order to reassign
authority to the withdraw authority. Currently, as a program address, it
can just do that. With this change, if the deposit authority is set
during initialization, then that deposit authority must sign the
instruction.
There's also a little update for ease-of-use to always do the
stake_program::authorize in the same transaction as stake_pool::deposit.
This way, in case someone tries to deposit into a forbidden stake pool, the
whole transaction will bail and their stake will stay as theirs.
* Address review feedback
* Fix rebase issues
* Add check for transient stake account activation on removal
* Add proper merging logic during update
* Format + clippy
* Add max possible validators
* Disallow removal for any transient stake state
* Reduce number of accounts for BPF instruction usage
* stake-pool: Separate manager from owner
* Add manager pubkey to stake pool
* Differentiate manager functions from owner functions
* Include a `set_manager` function to be used by the owner
* Change the term `owner` to `authority` in the CLI for clarity
* Rename manager -> staker and owner -> manager
* Split staker, manager, and token owner in CLI
* "Do not disturb the boss"
* lending: Update JS tests to solana-test-validator
* Add solana tools install
* Fix oopsie on the path
* Move where deployed programs go
* stake-pool: Add borsh support and size on creation
We can't specify the size in the instruction unfortunately, since we'd
only have 10kb max for the validator list. At roughly 50 bytes per
validator, that only gives us 200 validators.
On the flip side, using Borsh means we can allow the validator stake list
to be any size!
* Add AccountType enum
* Remove V1 everywhere
* Add max validators as parameter and get_instance_packed_len
* Add test for adding too many validators
* Clippy
* stake-pool: Use checked_ceil_div for withdraw calc
When a stake account is totally removed from a stake pool by the
manager, there's a chance that the operation would not take enough of
the manager's pool tokens by 1 due to truncation.
Do a ceiling division instead, and refactor ceiling division into the
math library.
* Use new function name on CLI
* Cargo fmt
* stake-pool-cli: Fix update command, add verbosity
The update command in the stake pool CLI was passing the validator vote
account instead of the associated stake account from the pool, causing
it to fail. Additionally, add more verbose logging, and a dry-run mode
to get simulate transaction information, useful for debugging CLI
failures.
* Run cargo fmt
* stake-pool: Validator stake account initialized with 1 SOL
A validator stake account only has 1 lamport, which means that it will
gain very few rewards per epoch. Its credits_observed is not
be reset each epoch, which makes it practically impossible to merge
into. Get around this by instantiating them with more stake.
* Cargo fmt + fix tests
* Various postponed fixes and changes to the stake pool program
* Fixed PR comments
* Fixed no-signature validator stake account add test
Co-authored-by: Yuriy Savchenko <yuriy.savchenko@gmail.com>
* Added validator stake account list storage, deprecated old tests
* Added join and leave stake pool instructions, error messages refactoring
* Stake pool tests refactoring, tests for join and leave pool added
* Added validator stake account creation instruction, join/leave pool instructions renamed, version field added
* Formatting fixes
* Added update list/pool instructions (no tests yet), updated deposit instruction logic, claim instruction removed, refactoring
* Updated deposit logic and tests, updated withdraw logic and added tests, refactoring
* Stake pool CLI updated to work with new deposit/withdraw instructions, claim usage removed
* Added validator stake account management and balance update commands to the stake pool CLI, updated dependency versions, updated devnet program address
* Merge conflicts fixed
* Removed deprecated tests
* Fixes for review comments
* Additional program id checks across the code
* Formatting errors fixed
* Changed minimum stake balance in CLI, removed deprecated tests, removed check for stake history id
* Added TODO for stake account warmup status check
* Cargo.lock conflict fix
* Formatting fixed
* Update Cargo lock file for CI
* Pin themis version of subtle
Co-authored-by: Yuriy Savchenko <yuriy.savchenko@gmail.com>
* WIP: stake-pool: Add end-to-end testing using ProgramTest
* Run cargo fmt
* Add deposit test and extra requirements
* Update Cargo.lock after rebuild
* Bring token program sdk version back to 1.4.7
* Added set-staking-auth and set-owner commands to stake pool CLI
* Error handling refactored, fixed new fee owner setting, fixed set owner arg group settings
* Added check for fee account mint to stake pool initialization and set owner methods
* Implemented stake-pool CLI with create-pool, deposit, list and withdraw commands, fixed several bugs in underlying smart contract
* Several typos fixed, some error text clarifications.
* Fee parameter in stake pool creation changed into two: numarator and demoninator
* Refactoring to resolve pool request comments
* Added merge to stake_receiver account when claiming whole stake account
* Removed unused import
* Withdraw bump seed calculation fixed
* Added positive tests for withdraw, claim, set owner, set authority, several bugs fixed
* Fixed PR comments
* Fixed constant with leading zero
* Deposit tests refactoring
* Interface accounts added as read-only, fixed mint authority on deposit, fixed stake pool stake deserializing
* Unit test refactoring, added success tests for deposit, updated stake account program id
* Warnings fixed
* Removed random key generation, used Pubkey::new_unique instead
* Imports optimization
* Unit test architecture updated to remove separate invoke_signed declarations
* Added missing accounts (sysvar clock and stake account program id) to calls to stake account program
* Fixed formatting
* Fixed stake pool deposit unit test
* Temporarily removed stake-pool cli from main workspace
* Fixed warning in token program
* Fixed warning in token program v3
* Fixed warnings in token swap program
* Fixed warning in token cli
* Sysvar and program id params reordered
* Interface accounts added as read-only, fixed mint authority on deposit, fixed stake pool stake deserializing
* Unit test refactoring, added success tests for deposit, updated stake account program id
* Warnings fixed
* Removed random key generation, used Pubkey::new_unique instead
* Imports optimization
* Unit test architecture updated to remove separate invoke_signed declarations
* Added address type in programm address generation for the stake pool, renamed nonce to bump seed
* Formatting fixed
* Bump seed calculation moved to the smart contract, test for fee > 1 added, state length public constant added
* Added claim method to stake pool, fixed program address generation in token mint and burn calls
* Refactored signers management when calling other contracts
* Signers formation put back into calling functions, deposit/withdraw/claim method reworked, state serialization bug fixed
* Added instruction interface methods
* Fixed signer flags for accounts in stake pool instruction creation
* Added address type in programm address generation for the stake pool, renamed nonce to bump seed
* Formatting fixed
* Bump seed calculation moved to the smart contract, test for fee > 1 added, state length public constant added
* Added claim method to stake pool, fixed program address generation in token mint and burn calls
* Refactored signers management when calling other contracts
* Signers formation put back into calling functions, deposit/withdraw/claim method reworked, state serialization bug fixed
Jack May
Jon Cinque
Tyera Eulberg
dependabot[bot]
Lieu Zheng Hong
Tyera Eulberg
Michael Vines
jordansexton
Trent Nelson
Yuriy Savchenko
Atticlab LLC
Justin Starry
anatoly yakovenko