Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@solana/instructions
Advanced tools
Helpers for creating transaction instructions
This package contains types for creating transaction instructions. It can be used standalone, but it is also exported as part of the Solana JavaScript SDK @solana/web3.js@experimental
.
AccountRole
The purpose for which an account participates in a transaction is described by the AccountRole
type. Every account that participates in a transaction can be read from, but only ones that you mark as writable may be written to, and only ones that you indicate must sign the transaction will gain the privileges associated with signers at runtime.
isSigner | isWritable | |
---|---|---|
AccountRole.READONLY | ❌ | ❌ |
AccountRole.WRITABLE | ❌ | ✅ |
AccountRole.READONLY_SIGNER | ✅ | ❌ |
AccountRole.WRITABLE_SIGNER | ✅ | ✅ |
IAccountMeta<TAddress>
This type represents an account's address and metadata about its mutability and whether it must be a signer of the transaction.
Typically, you will use one of its subtypes.
role | isSigner | isWritable | |
---|---|---|---|
ReadonlyAccount<TAddress> | AccountRole.READONLY | ❌ | ❌ |
WritableAccount<TAddress> | AccountRole.WRITABLE | ❌ | ✅ |
ReadonlySignerAccount<TAddress> | AccountRole.READONLY_SIGNER | ✅ | ❌ |
WritableSignerAccount<TAddress> | AccountRole.WRITABLE_SIGNER | ✅ | ✅ |
For example, you could type the rent sysvar account like this:
type RentSysvar = ReadonlyAccount<'SysvarRent111111111111111111111111111111111'>;
IAccountLookupMeta<TAddress, TLookupTableAddress>
This type represents a lookup of the account's address in an address lookup table. It specifies which lookup table account in which to perform the lookup, the index of the desired account address in that table, and metadata about its mutability. Notably, account addresses obtained via lookups may not act as signers.
Typically, you will use one of its subtypes.
role | isSigner | isWritable | |
---|---|---|---|
ReadonlyLookupAccount<TAddress, TLookupTableAddress> | AccountRole.READONLY | ❌ | ❌ |
WritableLookupAccount<TAddress, TLookupTableAddress> | AccountRole.WRITABLE | ❌ | ✅ |
For example, you could type the rent sysvar account that you looked up in a lookup table like this:
type RentSysvar = ReadonlyLookupAccount<
'SysvarRent111111111111111111111111111111111',
'MyLookupTable111111111111111111111111111111'
>;
IInstruction<TProgramAddress>
Use this to specify an instruction destined for a given program.
type StakeProgramInstruction = IInstruction<'StakeConfig11111111111111111111111111111111'>;
IInstructionWithAccounts<TAccounts>
Use this type to specify an instruction that contains certain accounts.
type InstructionWithTwoAccounts = IInstructionWithAccounts<
[
WritableAccount, // First account
RentSysvar // Second account
]
>;
IInstructionWithData<TData>
Use this type to specify an instruction whose data conforms to a certain type. This is most useful when you have a branded Uint8Array
that represents a particular instruction.
For example, here is how the AdvanceNonce
instruction is typed.
type AdvanceNonceAccountInstruction<
TNonceAccountAddress extends string = string,
TNonceAuthorityAddress extends string = string
> = IInstruction<'11111111111111111111111111111111'> &
IInstructionWithAccounts<
[
WritableAccount<TNonceAccountAddress>,
ReadonlyAccount<'SysvarRecentB1ockHashes11111111111111111111'>,
ReadonlySignerAccount<TNonceAuthorityAddress>
]
> &
IInstructionWithData<AdvanceNonceAccountInstructionData>;
isSignerRole(role: AccountRole)
Returns true
if the AccountRole
given represents that of a signer. Also refines the TypeScript type of the supplied role.
isWritable(role: AccountRole)
Returns true
if the AccountRole
given represents that of a writable account. Also refines the TypeScript type of the supplied role.
mergeRoles(roleA: AccountRole, roleB: AccountRole)
Given two AccountRoles
, will return the AccountRole
that grants the highest privileges of both.
Example:
// Returns `AccountRole.WRITABLE_SIGNER`
mergeRoles(AccountRole.READONLY_SIGNER, AccountRole.WRITABLE);
downgradeRoleToNonSigner(role: AccountRole)
Returns an AccountRole
representing the non-signer variant of the supplied role.
downgradeRoleToReadonly(role: AccountRole)
Returns an AccountRole
representing the non-writable variant of the supplied role.
upgradeRoleToSigner(role: AccountRole)
Returns an AccountRole
representing the signer variant of the supplied role.
upgradeRoleToWritable(role: AccountRole)
Returns an AccountRole
representing the writable variant of the supplied role.
FAQs
Helpers for creating transaction instructions
The npm package @solana/instructions receives a total of 15,359 weekly downloads. As such, @solana/instructions popularity was classified as popular.
We found that @solana/instructions demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.