search

kevinheavey / solana-bankrun

Superfast Solana Tests for Node.js
https://kevinheavey.github.io/solana-bankrun/
Apache License 2.0
86 stars 8 forks source link

Does the banks client verify signatures? #23

Open the-fool opened 1 month ago

the-fool commented 1 month ago

It seems like processTransaction works when an account is supposed to be a signer, but there is no signature in the transaction. Is this the expected behavior? And is there any way to enforce signature checks?

For example, say there is an Anchor accounts declaration:

#[derive(Accounts)]
pub struct Example<'info> {
    #[account(mut)]
    payer: Signer<'info>,

    other_signer: Signer<'info>,
}

If I submit a transaction with these two accounts, but no signature for the other_signer account, the transaction still executes successfully.

kevinheavey commented 1 month ago

The underlying solana-banks-server code doesn't check the signatures. But how are you serializing the transaction without the signatures being checked on the client side? Related: https://github.com/kevinheavey/solana-bankrun/pull/15

the-fool commented 1 month ago

That answers that :)

I am just using @solana/web3.js, like so:

const msg = new web3.TransactionMessage({
      payerKey,
      recentBlockhash,
      instructions,
 }).compileToV0Message()

const tx = new web3.VersionedTransaction(msg)

banksClient.processTransaction(tx)