A bug was shipped in the status instruction that pulls the first 32 bytes from the flatbuffers account struct.
The bug was also featured in the node to do the same thing which allows the pubkey to incorrectly match and not error, but this added a weird byte offset that causes the pubkey to be wrong, but as stated it did not fail the on chain checks since it is doing the same thing.
Example Culprit Code
let (pkbytes, writable) = a.0.split_at(32);
let pubkey = Pubkey::try_from(pkbytes).unwrap_or_default();
AccountMeta {
pubkey,
is_writable: writable[0] == 1,
is_signer: false,
}
Since this is a struct, the byte layout is much simpler as opposed to a table, which means it looks like more like a 33 byte slice.
We are grabbing the pubkey from the wrong offset 0 instead of 1.
Instead we should be using the methods to pull these fields.
A bug was shipped in the status instruction that pulls the first 32 bytes from the flatbuffers account struct. The bug was also featured in the node to do the same thing which allows the pubkey to incorrectly match and not error, but this added a weird byte offset that causes the pubkey to be wrong, but as stated it did not fail the on chain checks since it is doing the same thing.
Example Culprit Code
Flat buffer schema
Since this is a struct, the byte layout is much simpler as opposed to a table, which means it looks like more like a 33 byte slice. We are grabbing the pubkey from the wrong offset 0 instead of 1.
Instead we should be using the methods to pull these fields.