You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Am I correct in assuming that using a PDA as a signer effectively makes the anchor instruction private, only callable by other instructions within the same program?
Since only the program can sign PDA's is this a way of creating instructions that are effectively uncallable by anything but my own program?
For example I have this code:
#[derive(Accounts)]#[instruction(props:ProjectStateIncreaseSpaceProps)]pubstructProjectStateIncreaseSpace<'info>{/// CHECK: the check is performed by the caller of this private endpoint./// The project will receive the lamports to increase the state size.#[account(mut)]pubproject:UncheckedAccount<'info>,/// The vault which is the signer to validate the payment.#[account(mut, seeds = [SEED_PREFIX, project.key().as_ref(),SEED_VAULT,&props.vault_index.to_le_bytes()], bump = props.vault_bump)]pubvault:Signer<'info>,/// Needed in case a reallocation is required for the project memory.pubsystem_program:Program<'info,System>,}
The handler for this instruction transfers lamports from the vault to the project. Another instruction performs validation and then creates the signer via CpiContext::new_with_signer where the seeds are identical to the seeds on the vault. In my tests I haven't been able to find a workaround to invoke this instruction from outside the program.
This is the error I see when trying to call it from a client.
Program log: AnchorError caused by account: vault. Error Code: AccountNotSigner. Error Number: 3010. Error Message: The given account did not sign.
I've also created a separate program that uses invoked_signed and it seems to unwrap with this error InvalidSeeds.
This is running on solana-program-test. Can I check that using a PDA signer is a way to make instructions effectively private?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Am I correct in assuming that using a
PDA
as a signer effectively makes the anchor instruction private, only callable by other instructions within the same program?Since only the program can sign PDA's is this a way of creating instructions that are effectively uncallable by anything but my own program?
For example I have this code:
The handler for this instruction transfers lamports from the
vault
to theproject
. Another instruction performs validation and then creates thesigner
viaCpiContext::new_with_signer
where the seeds are identical to the seeds on the vault. In my tests I haven't been able to find a workaround to invoke this instruction from outside the program.This is the error I see when trying to call it from a client.
I've also created a separate program that uses
invoked_signed
and it seems to unwrap with this errorInvalidSeeds
.This is running on
solana-program-test
. Can I check that using a PDA signer is a way to make instructions effectively private?Beta Was this translation helpful? Give feedback.
All reactions