reclaim buffer account#60
Open
kaze-cow wants to merge 5 commits into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds the
ReclaimBuffersinstruction. Also add some more capabilities to the test helpers.Changes
The instruction takes in 3 accounts,
state_account, receiver_account, token_account, plus two additional accountsbuffer_pda, mintfor each buffer to clear. Themintis required to help verify the canonical status ofbuffer_pda, as well as to callBurnif the account happens to hold excess funds.The instruction can only be called by the
receiveraccount which is registered in thestate_pdaAs of right now the state pda has been initialized with no data, so it was changed to allow for initiating a single
receiveraccount (maybe later we rename this tofundsManageror so?). Ultimately it seems we will need to have some sort of account that wields this role so might as well start thinking about it now.Since a bad actor could send 1 wei/lamport of a token to the buffers just before we close them, the buffer may become unable to be closed and the instruction would fail. This could be used as a griefing tactic, so this instruction will additionally
Burnany remaining tokens found in the buffer before closing.Burnis used instead ofTransferbecause a transfer would likely require conditional allocation and sending--all for what is almost certainly a tiny . So its much easier to simply burn this amount entirely and move on. As this is a potentially destructive operation, multiple warnings have been added around the codebase to prevent this from being overlooked. Additionally, while most tokens support anyone being able to Burn their own tokens, there may exist certain 2022 tokens which disallow it, and so the buffer could not be closed unless we were to empty the account completely.For the unit tests (which were expanded upon in #53 ), one additional change was made to allow for controlling the signer with
is_signer. For right now it arbitrarily assumes any account that doesn't have data is a signer and any account that does have data is not. Tbh I am not sure how to handle this, I think it would be really annoying to have a boolean for every single call to thefake_account*functions. Maybe there is another way?How to test