From c3829b9266e1adb56c09de5a16e24bee2199a56f Mon Sep 17 00:00:00 2001 From: Hendrik Hofstadt Date: Fri, 11 Jun 2021 14:01:31 +0200 Subject: [PATCH] Fix seed derivation and implement proper dependency system Seeds currently did not account for the requirements of PDAs not being on the curve. This change uses the `find_program_address` method to also be able to derive "bumped seeds" from types implementing the Seeded trait. This is now also used for account creation. Also the way we originally planned to pass through dependencies in Peel is not compatible with the client as some of the context is not given there. I introduced a new method named "deps" with the same "chaining mechanic" that can provide deps that are appended to the accounts passed into the instruction. Change-Id: I116c8a3611e54b5a7fe5285310e4bc047119d656 --- .../anchor-bridge/programs/bridge/src/vaa.rs | 4 ++ .../programs/solitaire/src/lib.rs | 12 ++-- .../programs/solitaire/src/macros.rs | 8 ++- .../programs/solitaire/src/processors/peel.rs | 31 ++++++++-- .../solitaire/src/processors/seeded.rs | 16 +++++- .../programs/solitaire/src/types/accounts.rs | 12 ++-- .../programs/solitaire/src/types/context.rs | 13 +---- solana/anchor-bridge/rocksalt/src/lib.rs | 57 +++++++++++++++---- .../rocksalt/src/to_instruction.rs | 9 ++- 9 files changed, 116 insertions(+), 46 deletions(-) diff --git a/solana/anchor-bridge/programs/bridge/src/vaa.rs b/solana/anchor-bridge/programs/bridge/src/vaa.rs index d887d2499..4d352a9c3 100644 --- a/solana/anchor-bridge/programs/bridge/src/vaa.rs +++ b/solana/anchor-bridge/programs/bridge/src/vaa.rs @@ -92,6 +92,10 @@ impl<'a, 'b: 'a, 'c, T: DeserializePayload> Peel<'a, 'b, 'c> for PayloadMessage< Ok(PayloadMessage(data, payload)) } + + fn deps() -> Vec { + Data::<'b, PostedMessage, { AccountState::Initialized }>::deps() + } } impl<'b, T: DeserializePayload> Deref for PayloadMessage<'b, T> { diff --git a/solana/anchor-bridge/programs/solitaire/src/lib.rs b/solana/anchor-bridge/programs/solitaire/src/lib.rs index d0e7cdc18..47abc88a8 100644 --- a/solana/anchor-bridge/programs/solitaire/src/lib.rs +++ b/solana/anchor-bridge/programs/solitaire/src/lib.rs @@ -60,7 +60,6 @@ pub mod types; // We can also re-export a set of types at module scope, this defines the intended API we expect // people to be able to use from top-level. -pub use crate::processors::seeded::Owned; pub use crate::{ error::{ ErrBox, @@ -72,7 +71,10 @@ pub use crate::{ keyed::Keyed, peel::Peel, persist::Persist, - seeded::Creatable, + seeded::{ + Creatable, + Owned, + }, }, types::*, }; @@ -117,11 +119,7 @@ pub trait InstructionContext<'a> { /// Trait definition that describes types that can be constructed from a list of solana account /// references. A list of dependent accounts is produced as a side effect of the parsing stage. pub trait FromAccounts<'a, 'b: 'a, 'c> { - fn from( - _: &'a Pubkey, - _: &'c mut Iter<'a, AccountInfo<'b>>, - _: &'a T, - ) -> Result<(Self, Vec)> + fn from(_: &'a Pubkey, _: &'c mut Iter<'a, AccountInfo<'b>>, _: &'a T) -> Result where Self: Sized; } diff --git a/solana/anchor-bridge/programs/solitaire/src/macros.rs b/solana/anchor-bridge/programs/solitaire/src/macros.rs index b0a6ccb6a..2f85bc55b 100644 --- a/solana/anchor-bridge/programs/solitaire/src/macros.rs +++ b/solana/anchor-bridge/programs/solitaire/src/macros.rs @@ -29,7 +29,7 @@ macro_rules! solitaire { /// function calls can be found below in the `api` module. #[derive(BorshSerialize, BorshDeserialize)] - enum Instruction { + pub enum Instruction { $($row($kind),)* } @@ -39,7 +39,7 @@ macro_rules! solitaire { match BorshDeserialize::try_from_slice(d).map_err(|_| SolitaireError::InstructionDeserializeFailed)? { $( Instruction::$row(ix_data) => { - let (mut accounts, _deps): ($row, _) = FromAccounts::from(p, &mut a.iter(), &()).unwrap(); + let (mut accounts): ($row) = FromAccounts::from(p, &mut a.iter(), &()).unwrap(); $fn(&ExecutionContext{program_id: p, accounts: a}, &mut accounts, ix_data)?; accounts.persist(); Ok(()) @@ -124,6 +124,10 @@ macro_rules! data_wrapper { { Data::peel(ctx).map(|v| $name(v)) } + + fn deps() -> Vec { + Data::<'_, $embed, { $state }>::deps() + } } impl<'b> solitaire::processors::seeded::Owned for $name<'b> { diff --git a/solana/anchor-bridge/programs/solitaire/src/processors/peel.rs b/solana/anchor-bridge/programs/solitaire/src/processors/peel.rs index 2492c5341..db4a028a6 100644 --- a/solana/anchor-bridge/programs/solitaire/src/processors/peel.rs +++ b/solana/anchor-bridge/programs/solitaire/src/processors/peel.rs @@ -33,6 +33,8 @@ pub trait Peel<'a, 'b: 'a, 'c> { fn peel(ctx: &'c mut Context<'a, 'b, 'c, I>) -> Result where Self: Sized; + + fn deps() -> Vec; } /// Peel a Derived Key @@ -47,6 +49,9 @@ impl<'a, 'b: 'a, 'c, T: Peel<'a, 'b, 'c>, const Seed: &'static str> Peel<'a, 'b, _ => Err(SolitaireError::InvalidDerive(*ctx.info().key).into()), } } + fn deps() -> Vec { + T::deps() + } } /// Peel a Signer. @@ -57,6 +62,9 @@ impl<'a, 'b: 'a, 'c, T: Peel<'a, 'b, 'c>> Peel<'a, 'b, 'c> for Signer { _ => Err(SolitaireError::InvalidSigner(*ctx.info().key).into()), } } + fn deps() -> Vec { + T::deps() + } } /// Expicitly depend upon the System account. @@ -67,6 +75,9 @@ impl<'a, 'b: 'a, 'c, T: Peel<'a, 'b, 'c>> Peel<'a, 'b, 'c> for System { _ => panic!(), } } + fn deps() -> Vec { + T::deps() + } } /// Peel a Sysvar @@ -83,6 +94,9 @@ where _ => Err(SolitaireError::InvalidSysvar(*ctx.info().key).into()), } } + fn deps() -> Vec { + vec![] + } } /// This is our structural recursion base case, the trait system will stop generating new nested @@ -91,6 +105,9 @@ impl<'a, 'b: 'a, 'c> Peel<'a, 'b, 'c> for Info<'b> { fn peel(ctx: &'c mut Context<'a, 'b, 'c, I>) -> Result { Ok(ctx.info().clone()) } + fn deps() -> Vec { + vec![] + } } /// This is our structural recursion base case, the trait system will stop generating new nested @@ -103,9 +120,6 @@ impl<'a, 'b: 'a, 'c, T: BorshDeserialize + Owned + Default, const IsInitialized: // If we're initializing the type, we should emit system/rent as deps. let data: T = match IsInitialized { AccountState::Uninitialized => { - ctx.deps.push(sysvar::rent::ID); - ctx.deps.push(system_program::ID); - if **ctx.info().lamports.borrow() != 0 { return Err(SolitaireError::AlreadyInitialized(*ctx.info().key)); } @@ -116,9 +130,6 @@ impl<'a, 'b: 'a, 'c, T: BorshDeserialize + Owned + Default, const IsInitialized: T::try_from_slice(&mut *ctx.info().data.borrow_mut())? } AccountState::MaybeInitialized => { - ctx.deps.push(sysvar::rent::ID); - ctx.deps.push(system_program::ID); - if **ctx.info().lamports.borrow() == 0 { T::default() } else { @@ -146,4 +157,12 @@ impl<'a, 'b: 'a, 'c, T: BorshDeserialize + Owned + Default, const IsInitialized: Ok(Data(ctx.info().clone(), data)) } + + fn deps() -> Vec { + if IsInitialized == AccountState::Initialized { + return vec![]; + } + + vec![sysvar::rent::ID, system_program::ID] + } } diff --git a/solana/anchor-bridge/programs/solitaire/src/processors/seeded.rs b/solana/anchor-bridge/programs/solitaire/src/processors/seeded.rs index dfd61fb00..1bd8defd2 100644 --- a/solana/anchor-bridge/programs/solitaire/src/processors/seeded.rs +++ b/solana/anchor-bridge/programs/solitaire/src/processors/seeded.rs @@ -59,6 +59,16 @@ impl<'a, T: Owned + Default, const IsInitialized: AccountState> Owned pub trait Seeded { fn seeds(&self, accs: I) -> Vec>; + fn bumped_seeds(&self, accs: I, program_id: &Pubkey) -> Vec> { + let mut seeds = self.seeds(accs); + let mut s: Vec<&[u8]> = seeds.iter().map(|item| item.as_slice()).collect(); + let mut seed_slice = s.as_slice(); + let (_, bump_seed) = Pubkey::find_program_address(seed_slice, program_id); + seeds.push(vec![bump_seed]); + + seeds + } + fn verify_derivation<'a, 'b: 'a>(&'a self, program_id: &'a Pubkey, accs: I) -> Result<()> where Self: Keyed<'a, 'b>, @@ -102,11 +112,11 @@ impl<'a, 'b: 'a, K, T: AccountSize + Seeded + Keyed<'a, 'b> + Owned> Creatabl payer: &'a Pubkey, lamports: CreationLamports, ) -> Result<()> { - let seeds = self.seeds(accs); + let seeds = self.bumped_seeds(accs, ctx.program_id); let size = self.size(); - let s: Vec<&[u8]> = seeds.iter().map(|item| item.as_slice()).collect(); - let seed_slice = s.as_slice(); + let mut s: Vec<&[u8]> = seeds.iter().map(|item| item.as_slice()).collect(); + let mut seed_slice = s.as_slice(); let ix = system_instruction::create_account( payer, diff --git a/solana/anchor-bridge/programs/solitaire/src/types/accounts.rs b/solana/anchor-bridge/programs/solitaire/src/types/accounts.rs index e19c58cee..1a2a411fd 100644 --- a/solana/anchor-bridge/programs/solitaire/src/types/accounts.rs +++ b/solana/anchor-bridge/programs/solitaire/src/types/accounts.rs @@ -45,9 +45,9 @@ pub enum AccountState { /// /// Data<(), { AccountState::Uninitialized }> #[rustfmt::skip] -pub struct Data < 'r, T: Owned + Default + Default, const IsInitialized: AccountState> ( -pub Info<'r >, -pub T, +pub struct Data<'r, T: Owned + Default + Default, const IsInitialized: AccountState> ( + pub Info<'r>, + pub T, ); impl<'r, T: Owned + Default, const IsInitialized: AccountState> Deref @@ -99,7 +99,8 @@ impl Derive, Seed> { space as u64, owner, ); - invoke_signed(&ix, ctx.accounts, &[&[Seed.as_bytes()]]).map_err(|e| e.into()) + let (_, bump_seed) = Pubkey::find_program_address(&[Seed.as_bytes()][..], ctx.program_id); + invoke_signed(&ix, ctx.accounts, &[&[Seed.as_bytes(), &[bump_seed]]]).map_err(|e| e.into()) } } @@ -121,6 +122,7 @@ impl size as u64, ctx.program_id, ); - invoke_signed(&ix, ctx.accounts, &[&[Seed.as_bytes()]]).map_err(|e| e.into()) + let (_, bump_seed) = Pubkey::find_program_address(&[Seed.as_bytes()][..], ctx.program_id); + invoke_signed(&ix, ctx.accounts, &[&[Seed.as_bytes(), &[bump_seed]]]).map_err(|e| e.into()) } } diff --git a/solana/anchor-bridge/programs/solitaire/src/types/context.rs b/solana/anchor-bridge/programs/solitaire/src/types/context.rs index aafe3f6bf..0474ad03e 100644 --- a/solana/anchor-bridge/programs/solitaire/src/types/context.rs +++ b/solana/anchor-bridge/programs/solitaire/src/types/context.rs @@ -19,26 +19,15 @@ pub struct Context<'a, 'b: 'a, 'c, T> { /// account for. pub data: &'a T, - /// This is a list of dependent keys that are emitted by this verification pipeline. This - /// allows things such as `rent`/`system` to be emitted as required for an account without - /// having to specify them in the original instruction account data. - pub deps: &'c mut Vec, - pub info: Option<&'a AccountInfo<'b>>, } impl<'a, 'b: 'a, 'c, T> Context<'a, 'b, 'c, T> { - pub fn new( - program: &'a Pubkey, - iter: &'c mut Iter<'a, AccountInfo<'b>>, - data: &'a T, - deps: &'c mut Vec, - ) -> Self { + pub fn new(program: &'a Pubkey, iter: &'c mut Iter<'a, AccountInfo<'b>>, data: &'a T) -> Self { Context { this: program, iter, data, - deps, info: None, } } diff --git a/solana/anchor-bridge/rocksalt/src/lib.rs b/solana/anchor-bridge/rocksalt/src/lib.rs index 3a08243c1..dd2560826 100644 --- a/solana/anchor-bridge/rocksalt/src/lib.rs +++ b/solana/anchor-bridge/rocksalt/src/lib.rs @@ -66,7 +66,6 @@ pub fn derive_to_instruction(input: TokenStream) -> TokenStream { } let (combined_impl_g, _, _) = combined_generics.split_for_impl(); - let from_method = generate_fields(&name, &input.data); let expanded = generate_to_instruction(&name, &combined_impl_g, &input.data); TokenStream::from(expanded) } @@ -108,25 +107,28 @@ pub fn derive_from_accounts(input: TokenStream) -> TokenStream { let from_method = generate_fields(&name, &input.data); let persist_method = generate_persist(&name, &input.data); + let deps_method = generate_deps_fields(&name, &input.data); let expanded = quote! { /// Macro generated implementation of FromAccounts by Solitaire. impl #combined_impl_g solitaire::FromAccounts #peel_type_g for #name #type_g { - fn from(pid: &'a solana_program::pubkey::Pubkey, iter: &'c mut std::slice::Iter<'a, solana_program::account_info::AccountInfo<'b>>, data: &'a DataType) -> solitaire::Result<(Self, Vec)> { + fn from(pid: &'a solana_program::pubkey::Pubkey, iter: &'c mut std::slice::Iter<'a, solana_program::account_info::AccountInfo<'b>>, data: &'a DataType) -> solitaire::Result { #from_method } } impl #combined_impl_g solitaire::Peel<'a, 'b, 'c> for #name #type_g { fn peel(ctx: &'c mut Context<'a, 'b, 'c, I>) -> solitaire::Result where Self: Sized { - let v: #name #type_g = FromAccounts::from(ctx.this, ctx.iter, ctx.data).map(|v| v.0)?; + let v: #name #type_g = FromAccounts::from(ctx.this, ctx.iter, ctx.data)?; // Verify the instruction constraints solitaire::InstructionContext::verify(&v, ctx.this)?; - // Append instruction level dependencies - ctx.deps.append(&mut solitaire::InstructionContext::deps(&v)); Ok(v) } + + fn deps() -> Vec { + #deps_method + } } /// Macro generated implementation of Persist by Solitaire. @@ -166,7 +168,6 @@ fn generate_fields(name: &syn::Ident, data: &Data) -> TokenStream2 { pid, iter, data, - &mut deps, ))?; } }); @@ -179,9 +180,47 @@ fn generate_fields(name: &syn::Ident, data: &Data) -> TokenStream2 { // Write out our iterator and return the filled structure. quote! { use solana_program::account_info::next_account_info; + #(#recurse;)* + Ok(#name { #(#names,)* }) + } + } + + Fields::Unnamed(_) => { + unimplemented!() + } + + Fields::Unit => { + unimplemented!() + } + } + } + + Data::Enum(_) | Data::Union(_) => unimplemented!(), + } +} + +/// This function does the heavy lifting of generating the field parsers. +fn generate_deps_fields(name: &syn::Ident, data: &Data) -> TokenStream2 { + match *data { + // We only care about structures. + Data::Struct(ref data) => { + // We want to inspect its fields. + match data.fields { + // For now, we only care about struct { a: T } forms, not struct(T); + Fields::Named(ref fields) => { + // For each field, generate an expression appends it deps + let recurse = fields.named.iter().map(|f| { + let ty = &f.ty; + quote! { + deps.append(&mut <#ty as Peel>::deps()); + } + }); + + // Write out our iterator and return the filled structure. + quote! { let mut deps = Vec::new(); #(#recurse;)* - Ok((#name { #(#names,)* }, deps)) + deps } } @@ -221,7 +260,6 @@ fn generate_persist(name: &syn::Ident, data: &Data) -> TokenStream2 { pid, iter, data, - &mut deps, ))?; } }); @@ -234,9 +272,8 @@ fn generate_persist(name: &syn::Ident, data: &Data) -> TokenStream2 { // Write out our iterator and return the filled structure. quote! { use solana_program::account_info::next_account_info; - let mut deps = Vec::new(); #(#recurse;)* - Ok((#name { #(#names,)* }, deps)) + Ok(#name { #(#names,)* }) } } diff --git a/solana/anchor-bridge/rocksalt/src/to_instruction.rs b/solana/anchor-bridge/rocksalt/src/to_instruction.rs index 0d92088ac..039211eda 100644 --- a/solana/anchor-bridge/rocksalt/src/to_instruction.rs +++ b/solana/anchor-bridge/rocksalt/src/to_instruction.rs @@ -37,6 +37,7 @@ pub fn generate_to_instruction( let ty = &field.ty; quote! { + deps.append(&mut <#ty as solitaire::Peel>::deps()); account_metas.append(&mut <#ty as solitaire_client::Wrap>::wrap(&self.#name)?); if let Some(pair) = <#ty as solitaire_client::Wrap>::keypair(self.#name) { signers.push(pair); @@ -66,8 +67,14 @@ pub fn generate_to_instruction( use solana_program::{pubkey::Pubkey, instruction::Instruction}; let mut account_metas = Vec::new(); let mut signers = Vec::new(); + let mut deps = Vec::new(); - #(#expanded_appends;)* + #(#expanded_appends;)* + + // Add dependencies + deps.dedup(); + let mut dep_ams = deps.iter().map(|v| solana_program::instruction::AccountMeta::new_readonly(*v, false)).collect(); + account_metas.append(&mut dep_ams); Ok((solana_program::instruction::Instruction::new_with_bytes(program_id, ix_data,