wip: transfer before burn/mint to trigger hooks

wip because with this the test tx size is 5 bytes larger (for transfer)
than the limit. The way to mitigate is to introduce lookup tables.
That mitigation will exist in the tests, but will also have to be done
on real deployments (since the transfer hooks might add an arbitrary
number of extra acconuts, so we should leave as much headroom as possible)

Author: kcsongor

solana/programs/example-native-token-transfers/src/instructions/release_inbound.rs

@@ -41,6 +41,13 @@ pub struct ReleaseInbound<'info> {
     pub mint: InterfaceAccount<'info, token_interface::Mint>,
 
     pub token_program: Interface<'info, token_interface::TokenInterface>,
+
+    /// CHECK: the token program checks if this indeed the right authority for the mint
+    #[account(
+        mut,
+        address = config.custody
+    )]
+    pub custody: InterfaceAccount<'info, token_interface::TokenAccount>,
 }
 
 #[derive(AnchorDeserialize, AnchorSerialize)]
@@ -52,6 +59,9 @@ pub struct ReleaseInboundArgs {
 
 #[derive(Accounts)]
 pub struct ReleaseInboundMint<'info> {
+    #[account(
+        constraint = common.config.mode == Mode::Burning @ NTTError::InvalidMode,
+    )]
     common: ReleaseInbound<'info>,
 }
 
@@ -62,8 +72,8 @@ pub struct ReleaseInboundMint<'info> {
 /// Setting this flag to `false` is useful when bundling this instruction
 /// together with [`crate::instructions::redeem`] in a transaction, so that the minting
 /// is attempted optimistically.
-pub fn release_inbound_mint(
-    ctx: Context<ReleaseInboundMint>,
+pub fn release_inbound_mint<'info>(
+    ctx: Context<'_, '_, '_, 'info, ReleaseInboundMint<'info>>,
     args: ReleaseInboundArgs,
 ) -> Result<()> {
     let inbox_item = &mut ctx.accounts.common.inbox_item;
@@ -79,38 +89,47 @@ pub fn release_inbound_mint(
     }
 
     assert!(inbox_item.release_status == ReleaseStatus::Released);
-    match ctx.accounts.common.config.mode {
-        Mode::Burning => token_interface::mint_to(
-            CpiContext::new_with_signer(
-                ctx.accounts.common.token_program.to_account_info(),
-                token_interface::MintTo {
-                    mint: ctx.accounts.common.mint.to_account_info(),
-                    to: ctx.accounts.common.recipient.to_account_info(),
-                    authority: ctx.accounts.common.token_authority.clone(),
-                },
-                &[&[
-                    crate::TOKEN_AUTHORITY_SEED,
-                    &[ctx.bumps.common.token_authority],
-                ]],
-            ),
-            inbox_item.amount,
+    token_interface::mint_to(
+        CpiContext::new_with_signer(
+            ctx.accounts.common.token_program.to_account_info(),
+            token_interface::MintTo {
+                mint: ctx.accounts.common.mint.to_account_info(),
+                to: ctx.accounts.common.custody.to_account_info(),
+                authority: ctx.accounts.common.token_authority.clone(),
+            },
+            &[&[
+                crate::TOKEN_AUTHORITY_SEED,
+                &[ctx.bumps.common.token_authority],
+            ]],
         ),
-        Mode::Locking => Err(NTTError::InvalidMode.into()),
-    }
+        inbox_item.amount,
+    )?;
+
+    onchain::invoke_transfer_checked(
+        &ctx.accounts.common.token_program.key(),
+        ctx.accounts.common.custody.to_account_info(),
+        ctx.accounts.common.mint.to_account_info(),
+        ctx.accounts.common.recipient.to_account_info(),
+        ctx.accounts.common.token_authority.clone(),
+        ctx.remaining_accounts,
+        inbox_item.amount,
+        ctx.accounts.common.mint.decimals,
+        &[&[
+            crate::TOKEN_AUTHORITY_SEED,
+            &[ctx.bumps.common.token_authority],
+        ]],
+    )?;
+    Ok(())
 }
 
 // Lock/unlock
 
 #[derive(Accounts)]
 pub struct ReleaseInboundUnlock<'info> {
-    common: ReleaseInbound<'info>,
-
-    /// CHECK: the token program checks if this indeed the right authority for the mint
     #[account(
-        mut,
-        address = common.config.custody
+        constraint = common.config.mode == Mode::Locking @ NTTError::InvalidMode,
     )]
-    pub custody: InterfaceAccount<'info, token_interface::TokenAccount>,
+    common: ReleaseInbound<'info>,
 }
 
 /// Release an inbound transfer and unlock the tokens to the recipient.
@@ -136,25 +155,19 @@ pub fn release_inbound_unlock<'info>(
         }
     }
 
-    assert!(inbox_item.release_status == ReleaseStatus::Released);
-    match ctx.accounts.common.config.mode {
-        Mode::Burning => Err(NTTError::InvalidMode.into()),
-        Mode::Locking => {
-            onchain::invoke_transfer_checked(
-                &ctx.accounts.common.token_program.key(),
-                ctx.accounts.custody.to_account_info(),
-                ctx.accounts.common.mint.to_account_info(),
-                ctx.accounts.common.recipient.to_account_info(),
-                ctx.accounts.common.token_authority.clone(),
-                ctx.remaining_accounts,
-                inbox_item.amount,
-                ctx.accounts.common.mint.decimals,
-                &[&[
-                    crate::TOKEN_AUTHORITY_SEED,
-                    &[ctx.bumps.common.token_authority],
-                ]],
-            )?;
-            Ok(())
-        }
-    }
+    onchain::invoke_transfer_checked(
+        &ctx.accounts.common.token_program.key(),
+        ctx.accounts.common.custody.to_account_info(),
+        ctx.accounts.common.mint.to_account_info(),
+        ctx.accounts.common.recipient.to_account_info(),
+        ctx.accounts.common.token_authority.clone(),
+        ctx.remaining_accounts,
+        inbox_item.amount,
+        ctx.accounts.common.mint.decimals,
+        &[&[
+            crate::TOKEN_AUTHORITY_SEED,
+            &[ctx.bumps.common.token_authority],
+        ]],
+    )?;
+    Ok(())
 }

solana/programs/example-native-token-transfers/src/instructions/transfer.rs

@@ -52,6 +52,12 @@ pub struct Transfer<'info> {
     #[account(mut)]
     pub outbox_rate_limit: Account<'info, OutboxRateLimit>,
 
+    #[account(
+        mut,
+        address = config.custody
+    )]
+    pub custody: InterfaceAccount<'info, token_interface::TokenAccount>,
+
     pub system_program: Program<'info, System>,
 }
 
@@ -85,6 +91,9 @@ impl TransferArgs {
 #[derive(Accounts)]
 #[instruction(args: TransferArgs)]
 pub struct TransferBurn<'info> {
+    #[account(
+        constraint = common.config.mode == Mode::Burning @ NTTError::InvalidMode,
+    )]
     pub common: Transfer<'info>,
 
     #[account(
@@ -111,15 +120,18 @@ pub struct TransferBurn<'info> {
         bump,
     )]
     pub session_authority: AccountInfo<'info>,
-}
 
-pub fn transfer_burn(ctx: Context<TransferBurn>, args: TransferArgs) -> Result<()> {
-    require_eq!(
-        ctx.accounts.common.config.mode,
-        Mode::Burning,
-        NTTError::InvalidMode
-    );
+    #[account(
+        seeds = [crate::TOKEN_AUTHORITY_SEED],
+        bump,
+    )]
+    pub token_authority: AccountInfo<'info>,
+}
 
+pub fn transfer_burn<'info>(
+    ctx: Context<'_, '_, '_, 'info, TransferBurn<'info>>,
+    args: TransferArgs,
+) -> Result<()> {
     let accs = ctx.accounts;
     let TransferArgs {
         mut amount,
@@ -136,30 +148,50 @@ pub fn transfer_burn(ctx: Context<TransferBurn>, args: TransferArgs) -> Result<(
     )
     .map_err(NTTError::from)?;
 
-    let before = accs.common.from.amount;
+    let before = accs.common.custody.amount;
+
+    onchain::invoke_transfer_checked(
+        &accs.common.token_program.key(),
+        accs.common.from.to_account_info(),
+        accs.common.mint.to_account_info(),
+        accs.common.custody.to_account_info(),
+        accs.session_authority.to_account_info(),
+        ctx.remaining_accounts,
+        amount,
+        accs.common.mint.decimals,
+        &[&[
+            crate::SESSION_AUTHORITY_SEED,
+            accs.common.from.owner.as_ref(),
+            args.keccak256().as_ref(),
+            &[ctx.bumps.session_authority],
+        ]],
+    )?;
 
     token_interface::burn(
         CpiContext::new_with_signer(
             accs.common.token_program.to_account_info(),
             token_interface::Burn {
                 mint: accs.common.mint.to_account_info(),
-                from: accs.common.from.to_account_info(),
-                authority: accs.session_authority.to_account_info(),
+                from: accs.common.custody.to_account_info(),
+                authority: accs.token_authority.to_account_info(),
             },
-            &[&[
-                crate::SESSION_AUTHORITY_SEED,
-                accs.common.from.owner.as_ref(),
-                args.keccak256().as_ref(),
-                &[ctx.bumps.session_authority],
-            ]],
+            &[&[crate::TOKEN_AUTHORITY_SEED, &[ctx.bumps.token_authority]]],
         ),
         amount,
     )?;
 
-    accs.common.from.reload()?;
-    let after = accs.common.from.amount;
+    accs.common.custody.reload()?;
+    let after = accs.common.custody.amount;
 
-    if after != before - amount {
+    // NOTE: we currently do not support tokens with fees. Support could be
+    // added, but it would require the client to calculate the amount _before_
+    // paying fees that results in an amount that can safely be trimmed.
+    // Otherwise, if the amount after paying fees has dust, then that amount
+    // would be lost.
+    // To support fee tokens, we would first transfer the amount, _then_ assert
+    // that the resulting amount has no dust (instead of removing dust before
+    // the transfer like we do now).
+    if after != before {
         return Err(NTTError::BadAmountAfterBurn.into());
     }
 
@@ -174,14 +206,19 @@ pub fn transfer_burn(ctx: Context<TransferBurn>, args: TransferArgs) -> Result<(
         recipient_ntt_manager,
         recipient_address,
         should_queue,
-    )
+    )?;
+
+    Ok(())
 }
 
 // Lock/unlock
 
 #[derive(Accounts)]
 #[instruction(args: TransferArgs)]
 pub struct TransferLock<'info> {
+    #[account(
+        constraint = common.config.mode == Mode::Locking @ NTTError::InvalidMode,
+    )]
     pub common: Transfer<'info>,
 
     #[account(
@@ -208,24 +245,12 @@ pub struct TransferLock<'info> {
         bump,
     )]
     pub session_authority: AccountInfo<'info>,
-
-    #[account(
-        mut,
-        address = common.config.custody
-    )]
-    pub custody: InterfaceAccount<'info, token_interface::TokenAccount>,
 }
 
 pub fn transfer_lock<'info>(
     ctx: Context<'_, '_, '_, 'info, TransferLock<'info>>,
     args: TransferArgs,
 ) -> Result<()> {
-    require_eq!(
-        ctx.accounts.common.config.mode,
-        Mode::Locking,
-        NTTError::InvalidMode
-    );
-
     let accs = ctx.accounts;
     let TransferArgs {
         mut amount,
@@ -242,13 +267,13 @@ pub fn transfer_lock<'info>(
     )
     .map_err(NTTError::from)?;
 
-    let before = accs.custody.amount;
+    let before = accs.common.custody.amount;
 
     onchain::invoke_transfer_checked(
         &accs.common.token_program.key(),
         accs.common.from.to_account_info(),
         accs.common.mint.to_account_info(),
-        accs.custody.to_account_info(),
+        accs.common.custody.to_account_info(),
         accs.session_authority.to_account_info(),
         ctx.remaining_accounts,
         amount,
@@ -261,8 +286,8 @@ pub fn transfer_lock<'info>(
         ]],
     )?;
 
-    accs.custody.reload()?;
-    let after = accs.custody.amount;
+    accs.common.custody.reload()?;
+    let after = accs.common.custody.amount;
 
     // NOTE: we currently do not support tokens with fees. Support could be
     // added, but it would require the client to calculate the amount _before_

solana/programs/example-native-token-transfers/src/lib.rs

@@ -77,7 +77,10 @@ pub mod example_native_token_transfers {
         Ok(VERSION.to_string())
     }
 
-    pub fn transfer_burn(ctx: Context<TransferBurn>, args: TransferArgs) -> Result<()> {
+    pub fn transfer_burn<'info>(
+        ctx: Context<'_, '_, '_, 'info, TransferBurn<'info>>,
+        args: TransferArgs,
+    ) -> Result<()> {
         instructions::transfer_burn(ctx, args)
     }
 
@@ -92,8 +95,8 @@ pub mod example_native_token_transfers {
         instructions::redeem(ctx, args)
     }
 
-    pub fn release_inbound_mint(
-        ctx: Context<ReleaseInboundMint>,
+    pub fn release_inbound_mint<'info>(
+        ctx: Context<'_, '_, '_, 'info, ReleaseInboundMint<'info>>,
         args: ReleaseInboundArgs,
     ) -> Result<()> {
         instructions::release_inbound_mint(ctx, args)

solana/programs/example-native-token-transfers/tests/sdk/instructions/transfer.rs

@@ -33,6 +33,7 @@ pub fn transfer_burn(ntt: &NTT, transfer: Transfer, args: TransferArgs) -> Instr
         inbox_rate_limit: ntt.inbox_rate_limit(chain_id),
         peer: transfer.peer,
         session_authority,
+        token_authority: ntt.token_authority(),
     };
 
     Instruction {
@@ -51,7 +52,6 @@ pub fn transfer_lock(ntt: &NTT, transfer: Transfer, args: TransferArgs) -> Instr
         common: common(ntt, &transfer),
         inbox_rate_limit: ntt.inbox_rate_limit(chain_id),
         peer: transfer.peer,
-        custody: ntt.custody(&transfer.mint),
         session_authority,
     };
     Instruction {
@@ -90,5 +90,6 @@ fn common(ntt: &NTT, transfer: &Transfer) -> example_native_token_transfers::acc
         outbox_item: transfer.outbox_item,
         outbox_rate_limit: ntt.outbox_rate_limit(),
         system_program: System::id(),
+        custody: ntt.custody(&transfer.mint),
     }
 }