search

solana-labs / solana

Web-Scale Blockchain for fast, secure, scalable, decentralized apps and marketplaces.
https://solanalabs.com
Apache License 2.0
13.21k stars 4.29k forks source link

Provide transaction fee payer and system program via sysvars #18588

Closed armaniferrante closed 1 year ago

armaniferrante commented 3 years ago

When creating accounts inside an instruction, one needs to provide two additional accounts, which are often not otherwise used--the system program and payer--for the CPI to the system program

It would be convenient to be able to reference these AccountInfos via sysvars, so that clients don't need to provide them in the transaction, and so that programs can abstract away this detail.

For example, in Anchor, we have to define a set of accounts creating + initializing an account as follows

#[derive(Accounts)]
pub struct MyInstruction<'info> {
    #[account(init, payer = my_payer)]
    my_account: ProgramAccount<'info, Data>,
    my_payer: AccountInfo<'info>,
    system_program: AccountInfo<'info>,
    rent: Sysvar<'info, Rent>,
}

But it would be nice to only define the single relevant account.

#[derive(Accounts)]
pub struct MyInstruction<'info> {
    #[account(init)]
    my_account: ProgramAccount<'info, Data>,
}
ryoqun commented 3 years ago

yeah, I know correctly spelling out each and every accounts for cpi is cumbersome and bad for defi composability...

that's the reason I'm trying to propose #17796 .

It would be convenient to be able to reference these AccountInfos via sysvars (EDIT: syscalls)

in fact, sysvars should be available via syscalls by now.

payer

This is a bit hard part. Enabling arbitrary programs to load fee payer AccountInfo with is_signer=true opens wide variety of over-authorization (for example, the signer bit might also be used for withdraw_authority in stake problem, for example)... we have to wholly trust all programs invoked cpi (this is somewhat lenient threat model; already we're kind of trust them)... I have to think if there could be a nice way to fix the general sol management problem..

maybe implement system_program::{create,assign}UsingFeePayer and warn if too large SOL is spent?

i mean, i'm slightly inclined to the state where users don't need to fully trust every program they play with (ala. web2 security model). That's the reason I'm thinking about AssertSplBalances instruction, which is possibly appended to txes by the wallet.