Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@solana/instructions
Advanced tools
Helpers for creating transaction instructions
This package contains types for creating transaction instructions. It can be used standalone, but it is also exported as part of the Solana JavaScript SDK @solana/web3.js@rc
.
AccountRole
The purpose for which an account participates in a transaction is described by the AccountRole
type. Every account that participates in a transaction can be read from, but only ones that you mark as writable may be written to, and only ones that you indicate must sign the transaction will gain the privileges associated with signers at runtime.
isSigner | isWritable | |
---|---|---|
AccountRole.READONLY | ❌ | ❌ |
AccountRole.WRITABLE | ❌ | ✅ |
AccountRole.READONLY_SIGNER | ✅ | ❌ |
AccountRole.WRITABLE_SIGNER | ✅ | ✅ |
IAccountMeta<TAddress>
This type represents an account's address and metadata about its mutability and whether it must be a signer of the transaction.
Typically, you will use one of its subtypes.
role | isSigner | isWritable | |
---|---|---|---|
ReadonlyAccount<TAddress> | AccountRole.READONLY | ❌ | ❌ |
WritableAccount<TAddress> | AccountRole.WRITABLE | ❌ | ✅ |
ReadonlySignerAccount<TAddress> | AccountRole.READONLY_SIGNER | ✅ | ❌ |
WritableSignerAccount<TAddress> | AccountRole.WRITABLE_SIGNER | ✅ | ✅ |
For example, you could type the rent sysvar account like this:
type RentSysvar = ReadonlyAccount<'SysvarRent111111111111111111111111111111111'>;
IAccountLookupMeta<TAddress, TLookupTableAddress>
This type represents a lookup of the account's address in an address lookup table. It specifies which lookup table account in which to perform the lookup, the index of the desired account address in that table, and metadata about its mutability. Notably, account addresses obtained via lookups may not act as signers.
Typically, you will use one of its subtypes.
role | isSigner | isWritable | |
---|---|---|---|
ReadonlyLookupAccount<TAddress, TLookupTableAddress> | AccountRole.READONLY | ❌ | ❌ |
WritableLookupAccount<TAddress, TLookupTableAddress> | AccountRole.WRITABLE | ❌ | ✅ |
For example, you could type the rent sysvar account that you looked up in a lookup table like this:
type RentSysvar = ReadonlyLookupAccount<
'SysvarRent111111111111111111111111111111111',
'MyLookupTable111111111111111111111111111111'
>;
IInstruction<TProgramAddress>
Use this to specify an instruction destined for a given program.
type StakeProgramInstruction = IInstruction<'StakeConfig11111111111111111111111111111111'>;
IInstructionWithAccounts<TAccounts>
Use this type to specify an instruction that contains certain accounts.
type InstructionWithTwoAccounts = IInstructionWithAccounts<
[
WritableAccount, // First account
RentSysvar, // Second account
]
>;
IInstructionWithData<TData>
Use this type to specify an instruction whose data conforms to a certain type. This is most useful when you have a branded Uint8Array
that represents a particular instruction.
For example, here is how the AdvanceNonce
instruction is typed.
type AdvanceNonceAccountInstruction<
TNonceAccountAddress extends string = string,
TNonceAuthorityAddress extends string = string,
> = IInstruction<'11111111111111111111111111111111'> &
IInstructionWithAccounts<
[
WritableAccount<TNonceAccountAddress>,
ReadonlyAccount<'SysvarRecentB1ockHashes11111111111111111111'>,
ReadonlySignerAccount<TNonceAuthorityAddress>,
]
> &
IInstructionWithData<AdvanceNonceAccountInstructionData>;
isSignerRole(role: AccountRole)
Returns true
if the AccountRole
given represents that of a signer. Also refines the TypeScript type of the supplied role.
isWritable(role: AccountRole)
Returns true
if the AccountRole
given represents that of a writable account. Also refines the TypeScript type of the supplied role.
mergeRoles(roleA: AccountRole, roleB: AccountRole)
Given two AccountRoles
, will return the AccountRole
that grants the highest privileges of both.
Example:
// Returns `AccountRole.WRITABLE_SIGNER`
mergeRoles(AccountRole.READONLY_SIGNER, AccountRole.WRITABLE);
downgradeRoleToNonSigner(role: AccountRole)
Returns an AccountRole
representing the non-signer variant of the supplied role.
downgradeRoleToReadonly(role: AccountRole)
Returns an AccountRole
representing the non-writable variant of the supplied role.
upgradeRoleToSigner(role: AccountRole)
Returns an AccountRole
representing the signer variant of the supplied role.
upgradeRoleToWritable(role: AccountRole)
Returns an AccountRole
representing the writable variant of the supplied role.
FAQs
Helpers for creating transaction instructions
We found that @solana/instructions demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.