solana: Add token authority transfer test cases

Author: nvsriram

solana/tests/anchor.test.ts

@@ -130,6 +130,7 @@ describe("example-native-token-transfers", () => {
   let sender: AccountAddress<"Solana">;
   let multisig: anchor.web3.PublicKey;
   let tokenAddress: string;
+  let multisigTokenAuthority: anchor.web3.PublicKey;
 
   beforeAll(async () => {
     try {
@@ -226,7 +227,7 @@ describe("example-native-token-transfers", () => {
   describe("Burning", () => {
     beforeAll(async () => {
       try {
-        multisig = await spl.createMultisig(
+        multisigTokenAuthority = await spl.createMultisig(
           connection,
           payer,
           [owner.publicKey, ntt.pdas.tokenAuthority()],
@@ -241,7 +242,7 @@ describe("example-native-token-transfers", () => {
           mint.publicKey,
           owner,
           spl.AuthorityType.MintTokens,
-          multisig,
+          multisigTokenAuthority,
           [],
           undefined,
           TOKEN_PROGRAM
@@ -252,7 +253,7 @@ describe("example-native-token-transfers", () => {
           mint: mint.publicKey,
           outboundLimit: 1000000n,
           mode: "burning",
-          multisig,
+          multisig: multisigTokenAuthority,
         });
         await signSendWait(ctx, initTxs, signer);
 
@@ -357,6 +358,327 @@ describe("example-native-token-transfers", () => {
       expect(balance.value.amount).toBe("9900000");
     });
 
+    describe("Can transfer mint authority to-and-from NTT manager", () => {
+      const newAuthority = anchor.web3.Keypair.generate();
+      let newMultisigAuthority: anchor.web3.PublicKey;
+
+      beforeAll(async () => {
+        newMultisigAuthority = await spl.createMultisig(
+          connection,
+          payer,
+          [owner.publicKey, newAuthority.publicKey],
+          2,
+          anchor.web3.Keypair.generate(),
+          undefined,
+          TOKEN_PROGRAM
+        );
+      });
+
+      it("Fails when contract is not paused", async () => {
+        try {
+          const transaction = new anchor.web3.Transaction().add(
+            await NTT.createSetTokenAuthorityOneStepUncheckedInstruction(
+              ntt.program,
+              await ntt.getConfig(),
+              {
+                owner: new SolanaAddress(await ntt.getOwner()).unwrap(),
+                newAuthority: newAuthority.publicKey,
+                multisigTokenAuthority,
+              }
+            )
+          );
+          transaction.feePayer = payer.publicKey;
+          const { blockhash } = await connection.getLatestBlockhash();
+          transaction.recentBlockhash = blockhash;
+          await anchor.web3.sendAndConfirmTransaction(connection, transaction, [
+            payer,
+          ]);
+          // tx should fail so this expect should never be hit
+          expect(false).toBeTruthy();
+        } catch (e) {
+          expect(e).toBeInstanceOf(anchor.web3.SendTransactionError);
+          const parsedError = anchor.AnchorError.parse(
+            (e as anchor.web3.SendTransactionError).logs ?? []
+          );
+          expect(parsedError?.error.errorCode).toEqual({
+            code: "NotPaused",
+            number: 6024,
+          });
+        } finally {
+          const mintInfo = await spl.getMint(
+            connection,
+            mint.publicKey,
+            undefined,
+            TOKEN_PROGRAM
+          );
+          expect(mintInfo.mintAuthority).toEqual(multisigTokenAuthority);
+        }
+      });
+
+      test("Multisig(owner, TA) -> newAuthority", async () => {
+        // retry after pausing contract
+        const pauseTxs = await ntt.pause(new SolanaAddress(payer.publicKey));
+        await signSendWait(ctx, pauseTxs, signer);
+
+        const transaction = new anchor.web3.Transaction().add(
+          await NTT.createSetTokenAuthorityOneStepUncheckedInstruction(
+            ntt.program,
+            await ntt.getConfig(),
+            {
+              owner: new SolanaAddress(await ntt.getOwner()).unwrap(),
+              newAuthority: newAuthority.publicKey,
+              multisigTokenAuthority,
+            }
+          )
+        );
+        transaction.feePayer = payer.publicKey;
+        const { blockhash } = await connection.getLatestBlockhash();
+        transaction.recentBlockhash = blockhash;
+        await anchor.web3.sendAndConfirmTransaction(connection, transaction, [
+          payer,
+        ]);
+
+        const mintInfo = await spl.getMint(
+          connection,
+          mint.publicKey,
+          undefined,
+          TOKEN_PROGRAM
+        );
+        expect(mintInfo.mintAuthority).toEqual(newAuthority.publicKey);
+      });
+
+      test("newAuthority -> TA", async () => {
+        const transaction = new anchor.web3.Transaction().add(
+          await NTT.createAcceptTokenAuthorityInstruction(
+            ntt.program,
+            await ntt.getConfig(),
+            {
+              currentAuthority: newAuthority.publicKey,
+            }
+          )
+        );
+        transaction.feePayer = payer.publicKey;
+        const { blockhash } = await connection.getLatestBlockhash();
+        transaction.recentBlockhash = blockhash;
+        await anchor.web3.sendAndConfirmTransaction(connection, transaction, [
+          payer,
+          newAuthority,
+        ]);
+
+        const mintInfo = await spl.getMint(
+          connection,
+          mint.publicKey,
+          undefined,
+          TOKEN_PROGRAM
+        );
+        expect(mintInfo.mintAuthority).toEqual(ntt.pdas.tokenAuthority());
+      });
+
+      test("TA -> Multisig(owner, newAuthority)", async () => {
+        // set token authority: TA -> newMultisigAuthority
+        const setTransaction = new anchor.web3.Transaction().add(
+          await NTT.createSetTokenAuthorityInstruction(
+            ntt.program,
+            await ntt.getConfig(),
+            {
+              rentPayer: new SolanaAddress(await ntt.getOwner()).unwrap(),
+              owner: new SolanaAddress(await ntt.getOwner()).unwrap(),
+              newAuthority: newMultisigAuthority,
+            }
+          )
+        );
+        setTransaction.feePayer = payer.publicKey;
+        const { blockhash } = await connection.getLatestBlockhash();
+        setTransaction.recentBlockhash = blockhash;
+        await anchor.web3.sendAndConfirmTransaction(
+          connection,
+          setTransaction,
+          [payer]
+        );
+
+        // claim token authority: newMultisigAuthority <- TA
+        const claimTransaction = new anchor.web3.Transaction().add(
+          await NTT.createClaimTokenAuthorityToMultisigInstruction(
+            ntt.program,
+            await ntt.getConfig(),
+            {
+              rentPayer: new SolanaAddress(await ntt.getOwner()).unwrap(),
+              newMultisigAuthority,
+              additionalSigners: [newAuthority.publicKey, owner.publicKey],
+            }
+          )
+        );
+        claimTransaction.feePayer = payer.publicKey;
+        claimTransaction.recentBlockhash = blockhash;
+        await anchor.web3.sendAndConfirmTransaction(
+          connection,
+          claimTransaction,
+          [payer, newAuthority, owner]
+        );
+
+        const mintInfo = await spl.getMint(
+          connection,
+          mint.publicKey,
+          undefined,
+          TOKEN_PROGRAM
+        );
+        expect(mintInfo.mintAuthority).toEqual(newMultisigAuthority);
+      });
+
+      test("Multisig(owner, newAuthority) -> Multisig(owner, TA)", async () => {
+        const transaction = new anchor.web3.Transaction().add(
+          await NTT.createAcceptTokenAuthorityFromMultisigInstruction(
+            ntt.program,
+            await ntt.getConfig(),
+            {
+              currentMultisigAuthority: newMultisigAuthority,
+              additionalSigners: [newAuthority.publicKey, owner.publicKey],
+              multisigTokenAuthority,
+            }
+          )
+        );
+        transaction.feePayer = payer.publicKey;
+        const { blockhash } = await connection.getLatestBlockhash();
+        transaction.recentBlockhash = blockhash;
+        await anchor.web3.sendAndConfirmTransaction(connection, transaction, [
+          payer,
+          newAuthority,
+          owner,
+        ]);
+
+        const mintInfo = await spl.getMint(
+          connection,
+          mint.publicKey,
+          undefined,
+          TOKEN_PROGRAM
+        );
+        expect(mintInfo.mintAuthority).toEqual(multisigTokenAuthority);
+      });
+
+      it("Fails on claim after revert", async () => {
+        try {
+          // fund newAuthority for it to be rent payer
+          const signature = await connection.requestAirdrop(
+            newAuthority.publicKey,
+            anchor.web3.LAMPORTS_PER_SOL
+          );
+          const { blockhash, lastValidBlockHeight } =
+            await connection.getLatestBlockhash();
+          await connection.confirmTransaction({
+            blockhash,
+            lastValidBlockHeight,
+            signature,
+          });
+          let newAuthorityBalance = (
+            await connection.getAccountInfo(newAuthority.publicKey)
+          )?.lamports;
+          expect(newAuthorityBalance).toBe(anchor.web3.LAMPORTS_PER_SOL);
+
+          // set token authority: multisigTokenAuthority -> newAuthority
+          const setTransaction = new anchor.web3.Transaction().add(
+            await NTT.createSetTokenAuthorityInstruction(
+              ntt.program,
+              await ntt.getConfig(),
+              {
+                rentPayer: newAuthority.publicKey,
+                owner: new SolanaAddress(await ntt.getOwner()).unwrap(),
+                newAuthority: newAuthority.publicKey,
+                multisigTokenAuthority,
+              }
+            )
+          );
+          setTransaction.feePayer = payer.publicKey;
+          setTransaction.recentBlockhash = blockhash;
+          await anchor.web3.sendAndConfirmTransaction(
+            connection,
+            setTransaction,
+            [payer, newAuthority]
+          );
+          newAuthorityBalance = (
+            await connection.getAccountInfo(newAuthority.publicKey)
+          )?.lamports;
+          const pendingTokenAuthorityRentExemptAmount =
+            await connection.getMinimumBalanceForRentExemption(
+              ntt.program.account.pendingTokenAuthority.size
+            );
+          expect(newAuthorityBalance).toBe(
+            anchor.web3.LAMPORTS_PER_SOL - pendingTokenAuthorityRentExemptAmount
+          );
+
+          // revert token authority: multisigTokenAuthority
+          const revertTransaction = new anchor.web3.Transaction().add(
+            await NTT.createRevertTokenAuthorityInstruction(
+              ntt.program,
+              await ntt.getConfig(),
+              {
+                rentPayer: newAuthority.publicKey,
+                owner: new SolanaAddress(await ntt.getOwner()).unwrap(),
+                multisigTokenAuthority,
+              }
+            )
+          );
+          revertTransaction.feePayer = payer.publicKey;
+          revertTransaction.recentBlockhash = blockhash;
+          await anchor.web3.sendAndConfirmTransaction(
+            connection,
+            revertTransaction,
+            [payer]
+          );
+          newAuthorityBalance = (
+            await connection.getAccountInfo(newAuthority.publicKey)
+          )?.lamports;
+          expect(newAuthorityBalance).toBe(anchor.web3.LAMPORTS_PER_SOL);
+
+          // claim token authority: newAuthority <- multisigTokenAuthority
+          const claimTransaction = new anchor.web3.Transaction().add(
+            await NTT.createClaimTokenAuthorityInstruction(
+              ntt.program,
+              await ntt.getConfig(),
+              {
+                rentPayer: newAuthority.publicKey,
+                newAuthority: newAuthority.publicKey,
+                multisigTokenAuthority,
+              }
+            )
+          );
+          claimTransaction.feePayer = payer.publicKey;
+          claimTransaction.recentBlockhash = blockhash;
+          await anchor.web3.sendAndConfirmTransaction(
+            connection,
+            claimTransaction,
+            [payer, newAuthority]
+          );
+          // tx should fail so this expect should never be hit
+          expect(false).toBeTruthy();
+        } catch (e) {
+          expect(e).toBeInstanceOf(anchor.web3.SendTransactionError);
+          const parsedError = anchor.AnchorError.parse(
+            (e as anchor.web3.SendTransactionError).logs ?? []
+          );
+          expect(parsedError?.error.errorCode).toEqual({
+            code: "AccountNotInitialized",
+            number: 3012,
+          });
+        } finally {
+          const mintInfo = await spl.getMint(
+            connection,
+            mint.publicKey,
+            undefined,
+            TOKEN_PROGRAM
+          );
+          expect(mintInfo.mintAuthority).toEqual(multisigTokenAuthority);
+        }
+      });
+
+      afterAll(async () => {
+        // unpause
+        const unpauseTxs = await ntt.unpause(
+          new SolanaAddress(payer.publicKey)
+        );
+        await signSendWait(ctx, unpauseTxs, signer);
+      });
+    });
+
     it("Can receive tokens", async () => {
       const emitter = new testing.mocks.MockEmitter(
         remoteXcvr.address as UniversalAddress,
@@ -396,7 +718,7 @@ describe("example-native-token-transfers", () => {
       const published = emitter.publishMessage(0, serialized, 200);
       const rawVaa = guardians.addSignatures(published, [0]);
       const vaa = deserialize("Ntt:WormholeTransfer", serialize(rawVaa));
-      const redeemTxs = ntt.redeem([vaa], sender, multisig);
+      const redeemTxs = ntt.redeem([vaa], sender, multisigTokenAuthority);
       try {
         await signSendWait(ctx, redeemTxs, signer);
       } catch (e) {
@@ -423,7 +745,7 @@ describe("example-native-token-transfers", () => {
         payer,
         mint.publicKey,
         dest.address,
-        multisig,
+        multisigTokenAuthority,
         1,
         [owner],
         undefined,