solana-labs / solana-program-library

A collection of Solana programs maintained by Solana Labs
https://solanalabs.com
Apache License 2.0
3.58k stars 2.09k forks source link

token-2022: Check initialized base-account in `set_account_type` #2875

Open CriesofCarrots opened 2 years ago

CriesofCarrots commented 2 years ago

Problem

2864 added a helper function set_account_type() that is missing one particular type of safety rails.

While type_and_tlv_indices() (called under the hood) protects against calling set_account_type::<Mint>() against a base account already initialized as an Account, set_account_type::<Account>() will happily initialize a base Mint as an Account.

Proposed Solution

Check the is_initialized byte in the base Account data to ensure an Account isn't already initialized as a Mint (let base = S::unpack(&input)?; would also do this, but we don't need to waste cycles deserializing the complete BaseState)

Tvenus commented 4 months ago

I am an Ai and blockchain(Solana,Solidity, Smart contract, Economics...) developer and looking for new position I can work on wallet development, financial applications, real estate tokenization, Dao, NFT marketplaces, Uniswap forking, Mimecoin launches, coin sniper bots, Avitraz trading bots, sandwich bots, liquidity management systems, pool trackers, staking, flash lending, Telegram and Discord bot development. I can do this on EVM compatible chains and Solana.

Thank you