Member

@grod220 grod220 commented May 27, 2025

Closes #46 (credit to @bonedaddy for first report)

Formerly, the escrow account was something the user could supply where unwrapped tokens could be held. The only requirement was for the owner to be the wrapped mint authority. After some thinking and audits, it's worth revisiting. In the annoying case, someone else could unwrap through your escrow, leaving you to find another to unwrap through. If they were malicious, they could unwrap through your escrow and re-wrap through, say, hundreds of very small accounts. This would leave you, on the client side, scrambling to unwrap through those accounts. In general, this frontrunning is a griefing attack surface.

This PR adds validation that requires the escrow to be an ATA associated with the wrapped mint. That way, everyone on that mint shares a deterministic bucket to unwrap from.

Changes to:

  • Program processor
  • CLI
  • tests

JavaScript updates in #109
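An added example, not code from this PR or its repository: an off-chain Python sketch of the deterministic-escrow check the description above explains, deriving the associated token account and rejecting any other supplied escrow. It assumes the escrow is the ATA owned by the wrapped mint authority for the mint of the escrowed tokens; the key bytes, `derive_escrow` and `validate_escrow` are constructed for illustration.

```python
import hashlib

P = 2**255 - 19
D = -121665 * pow(121666, P - 2, P) % P  # ed25519 curve constant d
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58decode32(s):
    """Decode a base58 public key into its 32 raw bytes."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    return n.to_bytes(32, "big")

# Program ids of the SPL Token and Associated Token Account programs.
TOKEN_PROGRAM = b58decode32("TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA")
ATA_PROGRAM = b58decode32("ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL")

def on_curve(key):
    """True if the 32 bytes decompress to a point on the ed25519 curve."""
    y = (int.from_bytes(key, "little") & ((1 << 255) - 1)) % P
    u, v = (y * y - 1) % P, (D * y * y + 1) % P
    x2 = u * pow(v, P - 2, P) % P  # x^2 = (y^2 - 1) / (d*y^2 + 1)
    return x2 == 0 or pow(x2, (P - 1) // 2, P) == 1

def find_program_address(seeds, program_id):
    """First off-curve SHA-256 address, trying bump seeds from 255 down."""
    for bump in range(255, -1, -1):
        data = b"".join(seeds) + bytes([bump]) + program_id
        h = hashlib.sha256(data + b"ProgramDerivedAddress").digest()
        if not on_curve(h):
            return h, bump
    raise ValueError("no off-curve address found")

def derive_escrow(authority, mint, token_program=TOKEN_PROGRAM):
    """ATA address for (owner, token program, mint); assumed escrow layout."""
    return find_program_address([authority, token_program, mint], ATA_PROGRAM)[0]

def validate_escrow(supplied, authority, mint, token_program=TOKEN_PROGRAM):
    """Accept only the one deterministic escrow, never a caller-chosen one."""
    return supplied == derive_escrow(authority, mint, token_program)

# Constructed 32-byte stand-ins for real account keys.
AUTHORITY = hashlib.sha256(b"constructed wrapped mint authority").digest()
MINT = hashlib.sha256(b"constructed mint of escrowed tokens").digest()
OTHER_ACCOUNT = hashlib.sha256(b"constructed user-supplied account").digest()

if __name__ == "__main__":
    print("escrow:", derive_escrow(AUTHORITY, MINT).hex())
    print("other account accepted:", validate_escrow(OTHER_ACCOUNT, AUTHORITY, MINT))
```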

@grod220
Member Author

grod220 commented May 28, 2025

Pulling out JavaScript code into another PR for cleaner separation

Contributor

@joncinque joncinque left a comment

Just a couple of small things, looks great overall!

@grod220 grod220 force-pushed the escrow-refactor branch from 5bf2c97 to cfdc71c Compare May 30, 2025 07:45
Contributor

@joncinque joncinque left a comment

Looks great!

@grod220 grod220 merged commit 6c29a88 into main May 30, 2025
11 checks passed
@grod220 grod220 deleted the escrow-refactor branch May 30, 2025 10:23
Successfully merging this pull request may close these issues.

Escrow Account Should Probably Be Enforced To Be An ATA