CI: Add program and all extra steps (#13)

* CI: Add program and all extra steps

#### Problem

The token program now lives in its program-specific repo, but no part of
it is being exercised by CI.

#### Summary of changes

Integrate the token program properly into CI. This includes:

* add it to the Cargo workspace, and removing spl-token-client, since
  it's currently empty
* run lint / format / test on the program
* run spellcheck / audit / semver checks on the Rust packages
* move rust scripts to `scripts/rust` and make them reusable
* update to Solana 2.1 and proper rust toolchains

* Move JS scripts around, build program too

.github/workflows/main.yml

@@ -43,6 +43,85 @@ jobs:
       - name: Lint Client Rust
         run: pnpm clients:rust:lint
 
+  format_and_lint_program:
+    name: Format & Lint Program
+    runs-on: ubuntu-latest
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Environment
+        uses: ./.github/actions/setup
+        with:
+          clippy: true
+          rustfmt: true
+
+      - name: Format
+        run: pnpm programs:format
+
+      - name: Lint
+        run: pnpm programs:lint
+
+  audit_rust:
+    name: Audit Rust
+    runs-on: ubuntu-latest
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Environment
+        uses: ./.github/actions/setup
+        with:
+          cargo-cache-key: cargo-audit
+
+      - name: Install cargo-audit
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-audit
+
+      - name: Run cargo-audit
+        run: pnpm rust:audit
+
+  semver_rust:
+    name: Check semver Rust
+    runs-on: ubuntu-latest
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Environment
+        uses: ./.github/actions/setup
+        with:
+          cargo-cache-key: cargo-semver
+
+      - name: Install cargo-audit
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-semver-checks
+
+      - name: Run semver checks
+        run: pnpm rust:semver
+
+  spellcheck_rust:
+    name: Spellcheck Rust
+    runs-on: ubuntu-latest
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Environment
+        uses: ./.github/actions/setup
+        with:
+          cargo-cache-key: cargo-spellcheck
+
+      - name: Install cargo-spellcheck
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-spellcheck
+
+      - name: Run cargo-spellcheck
+        run: pnpm rust:spellcheck
+
   generate_clients:
     name: Check Client Generation
     runs-on: ubuntu-latest
@@ -63,10 +142,40 @@ jobs:
           git status --porcelain
           test -z "$(git status --porcelain)"
 
+  build_program:
+    name: Build Program
+    runs-on: ubuntu-latest
+    needs: format_and_lint_program
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Environment
+        uses: ./.github/actions/setup
+        with:
+          cargo-cache-key: cargo-build-program
+          solana: true
+
+      - name: Build
+        run: pnpm programs:build
+
+      - name: Upload Program Builds
+        uses: actions/upload-artifact@v4
+        with:
+          name: program-builds
+          path: ./target/deploy/*.so
+          if-no-files-found: error
+
+      - name: Save Program Builds For Client Jobs
+        uses: actions/cache/save@v4
+        with:
+          path: ./**/*.so
+          key: ${{ runner.os }}-builds-${{ github.sha }}
+
   test_client_js:
     name: Test Client JS
     runs-on: ubuntu-latest
-    needs: format_and_lint_client_js
+    needs: [format_and_lint_client_js, build_program]
     steps:
       - name: Git Checkout
         uses: actions/checkout@v4
@@ -76,6 +185,12 @@ jobs:
         with:
           solana: true
 
+      - name: Restore Program Builds
+        uses: actions/cache/restore@v4
+        with:
+          path: ./**/*.so
+          key: ${{ runner.os }}-builds-${{ github.sha }}
+
       - name: Test Client JS
         run: pnpm clients:js:test
 
@@ -96,3 +211,20 @@ jobs:
 
       - name: Test Client Rust
         run: pnpm clients:rust:test
+
+  test_program:
+    name: Test Program
+    runs-on: ubuntu-latest
+    needs: format_and_lint_program
+    steps:
+      - name: Git Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Environment
+        uses: ./.github/actions/setup
+        with:
+          cargo-cache-key: cargo-test-program
+          solana: true
+
+      - name: Test
+        run: pnpm programs:test

Cargo.toml

@@ -1,12 +1,22 @@
 [workspace]
 resolver = "2"
-members = ["clients/rust"]
+members = ["program"]
+
+[workspace.lints.rust.unexpected_cfgs]
+level = "warn"
+check-cfg = [
+    'cfg(target_os, values("solana"))',
+    'cfg(feature, values("frozen-abi", "no-entrypoint"))',
+]
 
 [workspace.metadata.cli]
-solana = "1.18.18"
+solana = "2.1.0"
 
 # Specify Rust toolchains for rustfmt, clippy, and build.
 # Any unprovided toolchains default to stable.
 [workspace.metadata.toolchains]
-format = "1.78.0"
-lint = "1.78.0"
+format = "nightly-2024-08-08"
+lint = "nightly-2024-08-08"
+
+[workspace.metadata.spellcheck]
+config = "scripts/spellcheck.toml"

clients/rust/Cargo.toml

@@ -8,21 +8,14 @@ readme = "README.md"
 license-file = "../../LICENSE"
 
 [features]
-anchor = ["dep:anchor-lang"]
 test-sbf = []
 serde = ["dep:serde", "dep:serde_with"]
 
 [dependencies]
-anchor-lang = { version = "0.30.0", optional = true }
 borsh = "^0.10"
 num-derive = "^0.3"
 num-traits = "^0.2"
 serde = { version = "^1.0", features = ["derive"], optional = true }
 serde_with = { version = "^3.0", optional = true }
-solana-program = "~1.18"
+solana-program = "2.1"
 thiserror = "^1.0"
-
-[dev-dependencies]
-assert_matches = "1.5.0"
-solana-program-test = "~1.18"
-solana-sdk = "~1.18"

clients/rust/src/lib.rs

@@ -1,4 +1,6 @@
+/*
 mod generated;
 
 pub use generated::programs::TOKEN_ID as ID;
 pub use generated::*;
+*/

package.json

@@ -1,6 +1,10 @@
 {
   "private": true,
   "scripts": {
+    "programs:build": "zx ./scripts/rust/build-sbf.mjs program",
+    "programs:format": "zx ./scripts/rust/format.mjs program",
+    "programs:lint": "zx ./scripts/rust/lint.mjs program",
+    "programs:test": "zx ./scripts/rust/test-sbf.mjs program",
     "solana:check": "zx ./scripts/check-solana-version.mjs",
     "solana:link": "zx ./scripts/link-solana-version.mjs",
     "generate": "pnpm generate:clients",
@@ -8,15 +12,18 @@
     "validator:start": "zx ./scripts/start-validator.mjs",
     "validator:restart": "pnpm validator:start --restart",
     "validator:stop": "zx ./scripts/stop-validator.mjs",
-    "clients:js:format": "zx ./scripts/client/format-js.mjs",
-    "clients:js:lint": "zx ./scripts/client/lint-js.mjs",
-    "clients:js:publish": "zx ./scripts/client/publish-js.mjs",
-    "clients:js:test": "zx ./scripts/client/test-js.mjs",
-    "clients:rust:format": "zx ./scripts/client/format-rust.mjs",
-    "clients:rust:lint": "zx ./scripts/client/lint-rust.mjs",
-    "clients:rust:publish": "zx ./scripts/client/publish-rust.mjs",
-    "clients:rust:test": "zx ./scripts/client/test-rust.mjs",
-    "template:upgrade": "zx ./scripts/upgrade-template.mjs"
+    "clients:js:format": "zx ./scripts/js/format.mjs",
+    "clients:js:lint": "zx ./scripts/js/lint.mjs",
+    "clients:js:publish": "zx ./scripts/js/publish.mjs",
+    "clients:js:test": "zx ./scripts/js/test.mjs",
+    "clients:rust:format": "zx ./scripts/rust/format.mjs clients/rust",
+    "clients:rust:lint": "zx ./scripts/rust/lint.mjs clients/rust",
+    "clients:rust:publish": "zx ./scripts/rust/publish.mjs clients/rust",
+    "clients:rust:test": "zx ./scripts/rust/test-sbf.mjs clients/rust",
+    "template:upgrade": "zx ./scripts/upgrade-template.mjs",
+    "rust:spellcheck": "cargo spellcheck --code 1",
+    "rust:audit": "zx ./scripts/rust/audit.mjs",
+    "rust:semver": "cargo semver-checks"
   },
   "devDependencies": {
     "@codama/renderers-js": "^1.0.0",

program/Cargo.toml

@@ -2,11 +2,10 @@
 name = "spl-token"
 version = "7.0.0"
 description = "Solana Program Library Token"
-authors = ["Solana Labs Maintainers <maintainers@solanalabs.com>"]
-repository = "https://github.com/solana-labs/solana-program-library"
+authors = ["Anza Maintainers <maintainers@anza.xyz>"]
+repository = "https://github.com/solana-program/token"
 license = "Apache-2.0"
 edition = "2021"
-exclude = ["js/**"]
 
 [features]
 no-entrypoint = []
@@ -36,3 +35,6 @@ targets = ["x86_64-unknown-linux-gnu"]
 
 [lints]
 workspace = true
+
+[package.metadata.solana]
+program-id = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"

program/Xargo.toml

@@ -1,2 +0,0 @@
-[target.bpfel-unknown-unknown.dependencies.std]
-features = []

program/inc/token.h

@@ -1,687 +0,0 @@
-/* Autogenerated SPL Token program C Bindings */
-
-#pragma once
-
-#include <stdarg.h>
-#include <stdbool.h>
-#include <stdint.h>
-#include <stdlib.h>
-
-/**
- * Minimum number of multisignature signers (min N)
- */
-#define Token_MIN_SIGNERS 1
-
-/**
- * Maximum number of multisignature signers (max N)
- */
-#define Token_MAX_SIGNERS 11
-
-/**
- * Account state.
- */
-enum Token_AccountState
-#ifdef __cplusplus
-  : uint8_t
-#endif // __cplusplus
- {
-    /**
-     * Account is not yet initialized
-     */
-    Token_AccountState_Uninitialized,
-    /**
-     * Account is initialized; the account owner and/or delegate may perform permitted operations
-     * on this account
-     */
-    Token_AccountState_Initialized,
-    /**
-     * Account has been frozen by the mint freeze authority. Neither the account owner nor
-     * the delegate are able to perform operations on this account.
-     */
-    Token_AccountState_Frozen,
-};
-#ifndef __cplusplus
-typedef uint8_t Token_AccountState;
-#endif // __cplusplus
-
-/**
- * Specifies the authority type for SetAuthority instructions
- */
-enum Token_AuthorityType
-#ifdef __cplusplus
-  : uint8_t
-#endif // __cplusplus
- {
-    /**
-     * Authority to mint new tokens
-     */
-    Token_AuthorityType_MintTokens,
-    /**
-     * Authority to freeze any account associated with the Mint
-     */
-    Token_AuthorityType_FreezeAccount,
-    /**
-     * Owner of a given token account
-     */
-    Token_AuthorityType_AccountOwner,
-    /**
-     * Authority to close a token account
-     */
-    Token_AuthorityType_CloseAccount,
-};
-#ifndef __cplusplus
-typedef uint8_t Token_AuthorityType;
-#endif // __cplusplus
-
-typedef uint8_t Token_Pubkey[32];
-
-/**
- * A C representation of Rust's `std::option::Option`
- */
-typedef enum Token_COption_Pubkey_Tag {
-    /**
-     * No value
-     */
-    Token_COption_Pubkey_None_Pubkey,
-    /**
-     * Some value `T`
-     */
-    Token_COption_Pubkey_Some_Pubkey,
-} Token_COption_Pubkey_Tag;
-
-typedef struct Token_COption_Pubkey {
-    Token_COption_Pubkey_Tag tag;
-    union {
-        struct {
-            Token_Pubkey some;
-        };
-    };
-} Token_COption_Pubkey;
-
-/**
- * Instructions supported by the token program.
- */
-typedef enum Token_TokenInstruction_Tag {
-    /**
-     * Initializes a new mint and optionally deposits all the newly minted
-     * tokens in an account.
-     *
-     * The `InitializeMint` instruction requires no signers and MUST be
-     * included within the same Transaction as the system program's
-     * `CreateAccount` instruction that creates the account being initialized.
-     * Otherwise another party can acquire ownership of the uninitialized
-     * account.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   0. `[writable]` The mint to initialize.
-     *   1. `[]` Rent sysvar
-     *
-     */
-    Token_TokenInstruction_InitializeMint,
-    /**
-     * Initializes a new account to hold tokens.  If this account is associated
-     * with the native mint then the token balance of the initialized account
-     * will be equal to the amount of SOL in the account. If this account is
-     * associated with another mint, that mint must be initialized before this
-     * command can succeed.
-     *
-     * The `InitializeAccount` instruction requires no signers and MUST be
-     * included within the same Transaction as the system program's
-     * `CreateAccount` instruction that creates the account being initialized.
-     * Otherwise another party can acquire ownership of the uninitialized
-     * account.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   0. `[writable]`  The account to initialize.
-     *   1. `[]` The mint this account will be associated with.
-     *   2. `[]` The new account's owner/multisignature.
-     *   3. `[]` Rent sysvar
-     */
-    Token_TokenInstruction_InitializeAccount,
-    /**
-     * Initializes a multisignature account with N provided signers.
-     *
-     * Multisignature accounts can used in place of any single owner/delegate
-     * accounts in any token instruction that require an owner/delegate to be
-     * present.  The variant field represents the number of signers (M)
-     * required to validate this multisignature account.
-     *
-     * The `InitializeMultisig` instruction requires no signers and MUST be
-     * included within the same Transaction as the system program's
-     * `CreateAccount` instruction that creates the account being initialized.
-     * Otherwise another party can acquire ownership of the uninitialized
-     * account.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   0. `[writable]` The multisignature account to initialize.
-     *   1. `[]` Rent sysvar
-     *   2. ..2+N. `[]` The signer accounts, must equal to N where 1 <= N <=
-     *      11.
-     */
-    Token_TokenInstruction_InitializeMultisig,
-    /**
-     * Transfers tokens from one account to another either directly or via a
-     * delegate.  If this account is associated with the native mint then equal
-     * amounts of SOL and Tokens will be transferred to the destination
-     * account.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner/delegate
-     *   0. `[writable]` The source account.
-     *   1. `[writable]` The destination account.
-     *   2. `[signer]` The source account's owner/delegate.
-     *
-     *   * Multisignature owner/delegate
-     *   0. `[writable]` The source account.
-     *   1. `[writable]` The destination account.
-     *   2. `[]` The source account's multisignature owner/delegate.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_Transfer,
-    /**
-     * Approves a delegate.  A delegate is given the authority over tokens on
-     * behalf of the source account's owner.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner
-     *   0. `[writable]` The source account.
-     *   1. `[]` The delegate.
-     *   2. `[signer]` The source account owner.
-     *
-     *   * Multisignature owner
-     *   0. `[writable]` The source account.
-     *   1. `[]` The delegate.
-     *   2. `[]` The source account's multisignature owner.
-     *   3. ..3+M `[signer]` M signer accounts
-     */
-    Token_TokenInstruction_Approve,
-    /**
-     * Revokes the delegate's authority.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner
-     *   0. `[writable]` The source account.
-     *   1. `[signer]` The source account owner.
-     *
-     *   * Multisignature owner
-     *   0. `[writable]` The source account.
-     *   1. `[]` The source account's multisignature owner.
-     *   2. ..2+M `[signer]` M signer accounts
-     */
-    Token_TokenInstruction_Revoke,
-    /**
-     * Sets a new authority of a mint or account.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single authority
-     *   0. `[writable]` The mint or account to change the authority of.
-     *   1. `[signer]` The current authority of the mint or account.
-     *
-     *   * Multisignature authority
-     *   0. `[writable]` The mint or account to change the authority of.
-     *   1. `[]` The mint's or account's current multisignature authority.
-     *   2. ..2+M `[signer]` M signer accounts
-     */
-    Token_TokenInstruction_SetAuthority,
-    /**
-     * Mints new tokens to an account.  The native mint does not support
-     * minting.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single authority
-     *   0. `[writable]` The mint.
-     *   1. `[writable]` The account to mint tokens to.
-     *   2. `[signer]` The mint's minting authority.
-     *
-     *   * Multisignature authority
-     *   0. `[writable]` The mint.
-     *   1. `[writable]` The account to mint tokens to.
-     *   2. `[]` The mint's multisignature mint-tokens authority.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_MintTo,
-    /**
-     * Burns tokens by removing them from an account.  `Burn` does not support
-     * accounts associated with the native mint, use `CloseAccount` instead.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner/delegate
-     *   0. `[writable]` The account to burn from.
-     *   1. `[writable]` The token mint.
-     *   2. `[signer]` The account's owner/delegate.
-     *
-     *   * Multisignature owner/delegate
-     *   0. `[writable]` The account to burn from.
-     *   1. `[writable]` The token mint.
-     *   2. `[]` The account's multisignature owner/delegate.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_Burn,
-    /**
-     * Close an account by transferring all its SOL to the destination account.
-     * Non-native accounts may only be closed if its token amount is zero.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner
-     *   0. `[writable]` The account to close.
-     *   1. `[writable]` The destination account.
-     *   2. `[signer]` The account's owner.
-     *
-     *   * Multisignature owner
-     *   0. `[writable]` The account to close.
-     *   1. `[writable]` The destination account.
-     *   2. `[]` The account's multisignature owner.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_CloseAccount,
-    /**
-     * Freeze an Initialized account using the Mint's freeze_authority (if
-     * set).
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner
-     *   0. `[writable]` The account to freeze.
-     *   1. `[]` The token mint.
-     *   2. `[signer]` The mint freeze authority.
-     *
-     *   * Multisignature owner
-     *   0. `[writable]` The account to freeze.
-     *   1. `[]` The token mint.
-     *   2. `[]` The mint's multisignature freeze authority.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_FreezeAccount,
-    /**
-     * Thaw a Frozen account using the Mint's freeze_authority (if set).
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner
-     *   0. `[writable]` The account to freeze.
-     *   1. `[]` The token mint.
-     *   2. `[signer]` The mint freeze authority.
-     *
-     *   * Multisignature owner
-     *   0. `[writable]` The account to freeze.
-     *   1. `[]` The token mint.
-     *   2. `[]` The mint's multisignature freeze authority.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_ThawAccount,
-    /**
-     * Transfers tokens from one account to another either directly or via a
-     * delegate.  If this account is associated with the native mint then equal
-     * amounts of SOL and Tokens will be transferred to the destination
-     * account.
-     *
-     * This instruction differs from Transfer in that the token mint and
-     * decimals value is checked by the caller.  This may be useful when
-     * creating transactions offline or within a hardware wallet.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner/delegate
-     *   0. `[writable]` The source account.
-     *   1. `[]` The token mint.
-     *   2. `[writable]` The destination account.
-     *   3. `[signer]` The source account's owner/delegate.
-     *
-     *   * Multisignature owner/delegate
-     *   0. `[writable]` The source account.
-     *   1. `[]` The token mint.
-     *   2. `[writable]` The destination account.
-     *   3. `[]` The source account's multisignature owner/delegate.
-     *   4. ..4+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_TransferChecked,
-    /**
-     * Approves a delegate.  A delegate is given the authority over tokens on
-     * behalf of the source account's owner.
-     *
-     * This instruction differs from Approve in that the token mint and
-     * decimals value is checked by the caller.  This may be useful when
-     * creating transactions offline or within a hardware wallet.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner
-     *   0. `[writable]` The source account.
-     *   1. `[]` The token mint.
-     *   2. `[]` The delegate.
-     *   3. `[signer]` The source account owner.
-     *
-     *   * Multisignature owner
-     *   0. `[writable]` The source account.
-     *   1. `[]` The token mint.
-     *   2. `[]` The delegate.
-     *   3. `[]` The source account's multisignature owner.
-     *   4. ..4+M `[signer]` M signer accounts
-     */
-    Token_TokenInstruction_ApproveChecked,
-    /**
-     * Mints new tokens to an account.  The native mint does not support
-     * minting.
-     *
-     * This instruction differs from MintTo in that the decimals value is
-     * checked by the caller.  This may be useful when creating transactions
-     * offline or within a hardware wallet.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single authority
-     *   0. `[writable]` The mint.
-     *   1. `[writable]` The account to mint tokens to.
-     *   2. `[signer]` The mint's minting authority.
-     *
-     *   * Multisignature authority
-     *   0. `[writable]` The mint.
-     *   1. `[writable]` The account to mint tokens to.
-     *   2. `[]` The mint's multisignature mint-tokens authority.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_MintToChecked,
-    /**
-     * Burns tokens by removing them from an account.  `BurnChecked` does not
-     * support accounts associated with the native mint, use `CloseAccount`
-     * instead.
-     *
-     * This instruction differs from Burn in that the decimals value is checked
-     * by the caller. This may be useful when creating transactions offline or
-     * within a hardware wallet.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   * Single owner/delegate
-     *   0. `[writable]` The account to burn from.
-     *   1. `[writable]` The token mint.
-     *   2. `[signer]` The account's owner/delegate.
-     *
-     *   * Multisignature owner/delegate
-     *   0. `[writable]` The account to burn from.
-     *   1. `[writable]` The token mint.
-     *   2. `[]` The account's multisignature owner/delegate.
-     *   3. ..3+M `[signer]` M signer accounts.
-     */
-    Token_TokenInstruction_BurnChecked,
-    /**
-     * Like InitializeAccount, but the owner pubkey is passed via instruction data
-     * rather than the accounts list. This variant may be preferable when using
-     * Cross Program Invocation from an instruction that does not need the owner's
-     * `AccountInfo` otherwise.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   0. `[writable]`  The account to initialize.
-     *   1. `[]` The mint this account will be associated with.
-     *   3. `[]` Rent sysvar
-     */
-    Token_TokenInstruction_InitializeAccount2,
-    /**
-     * Given a wrapped / native token account (a token account containing SOL)
-     * updates its amount field based on the account's underlying `lamports`.
-     * This is useful if a non-wrapped SOL account uses `system_instruction::transfer`
-     * to move lamports to a wrapped token account, and needs to have its token
-     * `amount` field updated.
-     *
-     * Accounts expected by this instruction:
-     *
-     *   0. `[writable]`  The native token account to sync with its underlying lamports.
-     */
-    Token_TokenInstruction_SyncNative,
-} Token_TokenInstruction_Tag;
-
-typedef struct Token_TokenInstruction_Token_InitializeMint_Body {
-    /**
-     * Number of base 10 digits to the right of the decimal place.
-     */
-    uint8_t decimals;
-    /**
-     * The authority/multisignature to mint tokens.
-     */
-    Token_Pubkey mint_authority;
-    /**
-     * The freeze authority/multisignature of the mint.
-     */
-    struct Token_COption_Pubkey freeze_authority;
-} Token_TokenInstruction_Token_InitializeMint_Body;
-
-typedef struct Token_TokenInstruction_Token_InitializeMultisig_Body {
-    /**
-     * The number of signers (M) required to validate this multisignature
-     * account.
-     */
-    uint8_t m;
-} Token_TokenInstruction_Token_InitializeMultisig_Body;
-
-typedef struct Token_TokenInstruction_Token_Transfer_Body {
-    /**
-     * The amount of tokens to transfer.
-     */
-    uint64_t amount;
-} Token_TokenInstruction_Token_Transfer_Body;
-
-typedef struct Token_TokenInstruction_Token_Approve_Body {
-    /**
-     * The amount of tokens the delegate is approved for.
-     */
-    uint64_t amount;
-} Token_TokenInstruction_Token_Approve_Body;
-
-typedef struct Token_TokenInstruction_Token_SetAuthority_Body {
-    /**
-     * The type of authority to update.
-     */
-    Token_AuthorityType authority_type;
-    /**
-     * The new authority
-     */
-    struct Token_COption_Pubkey new_authority;
-} Token_TokenInstruction_Token_SetAuthority_Body;
-
-typedef struct Token_TokenInstruction_Token_MintTo_Body {
-    /**
-     * The amount of new tokens to mint.
-     */
-    uint64_t amount;
-} Token_TokenInstruction_Token_MintTo_Body;
-
-typedef struct Token_TokenInstruction_Token_Burn_Body {
-    /**
-     * The amount of tokens to burn.
-     */
-    uint64_t amount;
-} Token_TokenInstruction_Token_Burn_Body;
-
-typedef struct Token_TokenInstruction_Token_TransferChecked_Body {
-    /**
-     * The amount of tokens to transfer.
-     */
-    uint64_t amount;
-    /**
-     * Expected number of base 10 digits to the right of the decimal place.
-     */
-    uint8_t decimals;
-} Token_TokenInstruction_Token_TransferChecked_Body;
-
-typedef struct Token_TokenInstruction_Token_ApproveChecked_Body {
-    /**
-     * The amount of tokens the delegate is approved for.
-     */
-    uint64_t amount;
-    /**
-     * Expected number of base 10 digits to the right of the decimal place.
-     */
-    uint8_t decimals;
-} Token_TokenInstruction_Token_ApproveChecked_Body;
-
-typedef struct Token_TokenInstruction_Token_MintToChecked_Body {
-    /**
-     * The amount of new tokens to mint.
-     */
-    uint64_t amount;
-    /**
-     * Expected number of base 10 digits to the right of the decimal place.
-     */
-    uint8_t decimals;
-} Token_TokenInstruction_Token_MintToChecked_Body;
-
-typedef struct Token_TokenInstruction_Token_BurnChecked_Body {
-    /**
-     * The amount of tokens to burn.
-     */
-    uint64_t amount;
-    /**
-     * Expected number of base 10 digits to the right of the decimal place.
-     */
-    uint8_t decimals;
-} Token_TokenInstruction_Token_BurnChecked_Body;
-
-typedef struct Token_TokenInstruction_Token_InitializeAccount2_Body {
-    /**
-     * The new account's owner/multisignature.
-     */
-    Token_Pubkey owner;
-} Token_TokenInstruction_Token_InitializeAccount2_Body;
-
-typedef struct Token_TokenInstruction {
-    Token_TokenInstruction_Tag tag;
-    union {
-        Token_TokenInstruction_Token_InitializeMint_Body initialize_mint;
-        Token_TokenInstruction_Token_InitializeMultisig_Body initialize_multisig;
-        Token_TokenInstruction_Token_Transfer_Body transfer;
-        Token_TokenInstruction_Token_Approve_Body approve;
-        Token_TokenInstruction_Token_SetAuthority_Body set_authority;
-        Token_TokenInstruction_Token_MintTo_Body mint_to;
-        Token_TokenInstruction_Token_Burn_Body burn;
-        Token_TokenInstruction_Token_TransferChecked_Body transfer_checked;
-        Token_TokenInstruction_Token_ApproveChecked_Body approve_checked;
-        Token_TokenInstruction_Token_MintToChecked_Body mint_to_checked;
-        Token_TokenInstruction_Token_BurnChecked_Body burn_checked;
-        Token_TokenInstruction_Token_InitializeAccount2_Body initialize_account2;
-    };
-} Token_TokenInstruction;
-
-/**
- * Mint data.
- */
-typedef struct Token_Mint {
-    /**
-     * Optional authority used to mint new tokens. The mint authority may only be provided during
-     * mint creation. If no mint authority is present then the mint has a fixed supply and no
-     * further tokens may be minted.
-     */
-    struct Token_COption_Pubkey mint_authority;
-    /**
-     * Total supply of tokens.
-     */
-    uint64_t supply;
-    /**
-     * Number of base 10 digits to the right of the decimal place.
-     */
-    uint8_t decimals;
-    /**
-     * Is `true` if this structure has been initialized
-     */
-    bool is_initialized;
-    /**
-     * Optional authority to freeze token accounts.
-     */
-    struct Token_COption_Pubkey freeze_authority;
-} Token_Mint;
-
-/**
- * A C representation of Rust's `std::option::Option`
- */
-typedef enum Token_COption_u64_Tag {
-    /**
-     * No value
-     */
-    Token_COption_u64_None_u64,
-    /**
-     * Some value `T`
-     */
-    Token_COption_u64_Some_u64,
-} Token_COption_u64_Tag;
-
-typedef struct Token_COption_u64 {
-    Token_COption_u64_Tag tag;
-    union {
-        struct {
-            uint64_t some;
-        };
-    };
-} Token_COption_u64;
-
-/**
- * Account data.
- */
-typedef struct Token_Account {
-    /**
-     * The mint associated with this account
-     */
-    Token_Pubkey mint;
-    /**
-     * The owner of this account.
-     */
-    Token_Pubkey owner;
-    /**
-     * The amount of tokens this account holds.
-     */
-    uint64_t amount;
-    /**
-     * If `delegate` is `Some` then `delegated_amount` represents
-     * the amount authorized by the delegate
-     */
-    struct Token_COption_Pubkey delegate;
-    /**
-     * The account's state
-     */
-    Token_AccountState state;
-    /**
-     * If is_some, this is a native token, and the value logs the rent-exempt reserve. An Account
-     * is required to be rent-exempt, so the value is used by the Processor to ensure that wrapped
-     * SOL accounts do not drop below this threshold.
-     */
-    struct Token_COption_u64 is_native;
-    /**
-     * The amount delegated
-     */
-    uint64_t delegated_amount;
-    /**
-     * Optional authority to close the account.
-     */
-    struct Token_COption_Pubkey close_authority;
-} Token_Account;
-
-/**
- * Multisignature data.
- */
-typedef struct Token_Multisig {
-    /**
-     * Number of signers required
-     */
-    uint8_t m;
-    /**
-     * Number of valid signers
-     */
-    uint8_t n;
-    /**
-     * Is `true` if this structure has been initialized
-     */
-    bool is_initialized;
-    /**
-     * Signer public keys
-     */
-    Token_Pubkey signers[Token_MAX_SIGNERS];
-} Token_Multisig;

program/program-id.md

@@ -1 +0,0 @@
-TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA

rust-toolchain.toml

@@ -0,0 +1,2 @@
+[toolchain]
+channel = "1.81.0"

rustfmt.toml

@@ -1,10 +1,5 @@
-max_width = 100
-reorder_imports = true
-reorder_modules = true
-
-# == Nightly only. ==
-# imports_indent = "Block"
-# imports_layout = "Mixed"
-# imports_granularity = "Crate"
-# group_imports = "Preserve"
-# reorder_impl_items = false
+comment_width = 80
+edition = "2021"
+group_imports = "One"
+imports_granularity = "One"
+wrap_comments = true

scripts/client/test-rust.mjs

@@ -1,18 +0,0 @@
-#!/usr/bin/env zx
-import 'zx/globals';
-import { cliArguments, workingDirectory } from '../utils.mjs';
-
-// Configure additional arguments here, e.g.:
-// ['--arg1', '--arg2', ...cliArguments()]
-const testArgs = cliArguments();
-
-const hasSolfmt = await which('solfmt', { nothrow: true });
-const sbfOutDir = path.join(workingDirectory, 'target', 'deploy');
-
-// Run the tests.
-cd(path.join(workingDirectory, 'clients', 'rust'));
-if (hasSolfmt) {
-  await $`SBF_OUT_DIR=${sbfOutDir} cargo test --features "test-sbf" ${testArgs} 2>&1 | solfmt`;
-} else {
-  await $`SBF_OUT_DIR=${sbfOutDir} cargo test --features "test-sbf" ${testArgs}`;
-}

scripts/rust/audit.mjs

@@ -0,0 +1,31 @@
+#!/usr/bin/env zx
+import 'zx/globals';
+
+const advisories = [
+  // ed25519-dalek: Double Public Key Signing Function Oracle Attack
+  //
+  // Remove once repo upgrades to ed25519-dalek v2
+  'RUSTSEC-2022-0093',
+
+  // curve25519-dalek
+  //
+  // Remove once repo upgrades to curve25519-dalek v4
+  'RUSTSEC-2024-0344',
+
+  // Crate:     tonic
+  // Version:   0.9.2
+  // Title:     Remotely exploitable Denial of Service in Tonic
+  // Date:      2024-10-01
+  // ID:        RUSTSEC-2024-0376
+  // URL:       https://rustsec.org/advisories/RUSTSEC-2024-0376
+  // Solution:  Upgrade to >=0.12.3
+  'RUSTSEC-2024-0376',
+];
+const ignores = []
+advisories.forEach(x => {
+  ignores.push('--ignore');
+  ignores.push(x);
+});
+
+// Check Solana version.
+await $`cargo audit ${ignores}`;

scripts/rust/build-sbf.mjs

@@ -0,0 +1,8 @@
+#!/usr/bin/env zx
+import 'zx/globals';
+import { cliArguments, workingDirectory } from '../utils.mjs';
+
+const [folder, ...args] = cliArguments();
+const manifestPath = path.join(workingDirectory, folder, 'Cargo.toml');
+await $`cargo-build-sbf --manifest-path ${manifestPath} ${args}`;
+

scripts/client/format-rust.mjs → scripts/rust/format.mjs

@@ -8,19 +8,13 @@ import {
   workingDirectory,
 } from '../utils.mjs';
 
-// Configure additional arguments here, e.g.:
-// ['--arg1', '--arg2', ...cliArguments()]
-const formatArgs = cliArguments();
+const [folder, ...formatArgs] = cliArguments();
 
 const fix = popArgument(formatArgs, '--fix');
 const [cargoArgs, fmtArgs] = partitionArguments(formatArgs, '--');
 const toolchain = getToolchainArgument('format');
-const manifestPath = path.join(
-  workingDirectory,
-  'clients',
-  'rust',
-  'Cargo.toml'
-);
+
+const manifestPath = path.join(workingDirectory, folder, 'Cargo.toml');
 
 // Format the client.
 if (fix) {

scripts/client/lint-rust.mjs → scripts/rust/lint.mjs

@@ -7,18 +7,23 @@ import {
   workingDirectory,
 } from '../utils.mjs';
 
+const [folder, ...args] = cliArguments();
+
 // Configure additional arguments here, e.g.:
 // ['--arg1', '--arg2', ...cliArguments()]
-const lintArgs = cliArguments();
+const lintArgs = [
+  '-Zunstable-options',
+  '--all-targets',
+  '--all-features',
+  '--',
+  '--deny=warnings',
+  '--deny=clippy::arithmetic_side_effects',
+  ...args,
+];
 
 const fix = popArgument(lintArgs, '--fix');
 const toolchain = getToolchainArgument('lint');
-const manifestPath = path.join(
-  workingDirectory,
-  'clients',
-  'rust',
-  'Cargo.toml'
-);
+const manifestPath = path.join(workingDirectory, folder, 'Cargo.toml');
 
 // Check the client using Clippy.
 if (fix) {

scripts/rust/test-sbf.mjs

@@ -0,0 +1,8 @@
+#!/usr/bin/env zx
+import 'zx/globals';
+import { cliArguments, workingDirectory } from '../utils.mjs';
+
+const [folder, ...args] = cliArguments();
+const manifestPath = path.join(workingDirectory, folder, 'Cargo.toml');
+
+await $`RUST_LOG=error cargo test-sbf --manifest-path ${manifestPath} ${args}`;

scripts/solana.dic

@@ -0,0 +1,51 @@
+1000
+config
+metadata
+json
+uri
+ui
+cli
+readme/S
+arg/S
+vec/S
+enum/S
+noop/S
+realloc/S
+overallocate/SGD
+namespace
+serde
+deserialize/SRGD
+deserialization
+struct/S
+param/S
+tuple/S
+metas
+infos
+async
+subcommand
+repo
+init
+solana
+sol/S
+blockchain/S
+permissionless
+composability
+runtime
+onchain
+offchain
+keypair/S
+decrypt/SGD
+lamport/S
+validator/S
+pubkey/S
+sysvar/S
+timestamp/S
+entrypoint/S
+spl
+pda/S
+multisignature/S
+multisig/S
+staker/S
+APY
+codama
+autogenerated

scripts/spellcheck.toml

@@ -0,0 +1,6 @@
+[Hunspell]
+use_builtin = true
+skip_os_lookups = false
+search_dirs = ["."]
+extra_dictionaries = ["solana.dic"]
+