Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added comments to insecure, recommended, and secure owner-check programs #40

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Added comments to insecure, recommended, and secure owner-check programs #40

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions programs/2-owner-checks/insecure/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,17 +10,24 @@ pub mod owner_checks_insecure {
use super::*;

pub fn log_message(ctx: Context<LogMessage>) -> ProgramResult {
// Unpack the token account data from the AccountInfo
let token = SplTokenAccount::unpack(&ctx.accounts.token.data.borrow())?;

// Check if the authority matches the token owner
if ctx.accounts.authority.key != &token.owner {
return Err(ProgramError::InvalidAccountData);
}

// Log the token amount
msg!("Your account balance is: {}", token.amount);
Ok(())
}
}

#[derive(Accounts)]
pub struct LogMessage<'info> {
// Token account information
token: AccountInfo<'info>,
// Authority that must sign the transaction
authority: Signer<'info>,
}
3 changes: 3 additions & 0 deletions programs/2-owner-checks/recommended/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,17 @@ pub mod owner_checks_recommended {
use super::*;

pub fn log_message(ctx: Context<LogMessage>) -> ProgramResult {
// Log the token amount directly from the TokenAccount
msg!("Your account balance is: {}", ctx.accounts.token.amount);
Ok(())
}
}

#[derive(Accounts)]
pub struct LogMessage<'info> {
// Token account information with a constraint to ensure the authority is the owner
#[account(constraint = authority.key == &token.owner)]
token: Account<'info, TokenAccount>,
// Authority that must sign the transaction
authority: Signer<'info>,
}
9 changes: 9 additions & 0 deletions programs/2-owner-checks/secure/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,20 +10,29 @@ pub mod owner_checks_secure {
use super::*;

pub fn log_message(ctx: Context<LogMessage>) -> ProgramResult {
// Unpack the token account data from the AccountInfo
let token = SplTokenAccount::unpack(&ctx.accounts.token.data.borrow())?;

// Ensure the token account is actually an SPL Token account
if ctx.accounts.token.owner != &spl_token::ID {
return Err(ProgramError::InvalidAccountData);
}

// Check if the authority matches the token owner
if ctx.accounts.authority.key != &token.owner {
return Err(ProgramError::InvalidAccountData);
}

// Log the token amount
msg!("Your account balance is: {}", token.amount);
Ok(())
}
}

#[derive(Accounts)]
pub struct LogMessage<'info> {
// Token account information
token: AccountInfo<'info>,
// Authority that must sign the transaction
authority: Signer<'info>,
}