A framework for creating PoC's for Solana Smart Contracts in a painless and intuitive way

Overview

Solana PoC Framework

DISCLAIMER: any illegal usage of this framework is heavily discouraged. Most projects on Solana offer a more than generous bug bounty. Also you don't want your kneecaps broken.

Usage

To get started, just add the following line to the dependencies section in your Cargo.toml:

[dependencies]
poc-framework = "0.1.0"

This crate already re-exports every Solana dependency you should need.

What this framework is for

This framework was made for security researchers, to facilitate a fast and convenient development of Proof-of-Concepts for bugs in Solana smart contracts or even Solana core. The generic Environment interface allows for exploits to be developed locally, and then tested on Testnet or Devnet.

Feature overview

Utility

This framework offers many utility functions that proved very useful time and time again for the PoC's we developed for the smart contrats we audited at Neodyme.

The first thing you want to do in any PoC is setup logging. This is especially useful if you use a local environment, as it is the only way to figure out why a transaction could not be executed (if for example signers are missing):

setup_logging(LogLevel::DEBUG);

Afterwards you want to define what keys you will use. Keys should easily be identifiable when printing a transaction. This purpoise gets fulfilled by the keypair(n: u8) function. The framework contains 256 pre-ground keys that start with Kxxx, where xxx is the 3-digit representation of the argument n. Note that the base58 charset does not contain 0, which is why we used o instead:

let authority = keypair(0);   // KoooVyhdpoRPA6gpn7xr3cmjqAvtpHcjcBX6JBKu1nf
let target    = keypair(1);   // Koo1BQTQYawwKVBg71J2sru7W51EJgfbyyHsTFCssRW
let mint      = keypair(2);   // Koo2SZ393psmp7ags3hMz59ciV3XWLj1GkPousNgTH1
let victim    = keypair(137); // K137jwH7CncXBTadHbLDsHNWUhuLDN4ddegJL2hmn6u

There is also a random_keypair function if you don't care about recognising a keypair.

Also very valuable for debugging purpoises is the ability to print the result of a transaction in a neat way. For this the framework provides the trait PrintableTransaction, which it implements both for ConfirmedTransaction as well as EncodedConfirmedTransaction. This trait provides the function print, which can conviniently be chained to the end of any env.execute_transaction call:

env.execute_as_transaction(&[...], &[...]).print();

Environment

At the core if this framework is the Environment trait. This encapsulates the ability to execute transactions on some chain state, as well as the utility of having a payer that pays for all fee and rent expenditures.

There are currently two different implementations: the RemoteEnvironment which executes all transactions on a cluster, and the LocalEnvironment, which executes all transactions locally on an arbitrary chain state.

The Environment trait also provides many useful shortcuts for sending transactions, like interacting with spl-token accounts or even creating accounts with arbitrary content (but obviously with a fixed owner).

RemoteEnvironment

To construct a remote environment, you require an RpcClient. These can be conveniently construced using devnet_client()/testnet_client()/localhost_client(). We do not condone using this framework on mainnet. Airdrops are also implemented, with the new_with_airdrop and airdrop functions.

let payer = read_keypair_file("big-fat-wallet.json").unwrap();
let client = devnet_client();
let mut env = RemoteEnvironment::new(client, payer);

LocalEnvironment

Constructing a local environment usually takes some effort, as one has to first clone the relevant chain state. The framework offers many different ways of doing this. From deploying a contract from a file to inserting an arbitrary account up to cloning accounts and even whole upgradable programs from a cluster:

let mut env = LocalEnvironment::builder()
    .add_account_with_lamports(authority, system_program::ID, sol_to_lamports(10.0))
    .add_token_mint(mint, Some(authority), 0, 1, None)
    .add_associated_token_account(authority, mint, 1337)
    .clone_upgradable_program_from_cluster(client, my_program::ID)
    .build();

Note however that it is possible to craft state that is not legal on the chain using this builder (for example accounts that belong to a program that contain state that the program itself would never write to it), leading to exploits that are only reproducible locally. Try to use transactions on the environment for as many things as possible to prevent these pitfalls.

Comments
  • Framework does not build with rust 1.61

    Framework does not build with rust 1.61

    To reproduce:

    $ rustup default 1.61 
    $ cargo build                                                                                                                             ✔ 
       Compiling libsecp256k1 v0.5.0
       ...
       Compiling poc-framework v0.1.6 (/home/sylvain/software/solana-poc-framework)
    error: expected None-delimited group
       --> src/lib.rs:741:21
        |
    741 |                     solana_bpf_loader_upgradeable_program!(),
        |                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
        |
        = note: this error originates in the macro `solana_bpf_loader_upgradeable_program` (in Nightly builds, run with -Z macro-backtrace for more info)
    
    error: expected None-delimited group
       --> src/lib.rs:742:21
        |
    742 |                     solana_bpf_loader_program!(),
        |                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
        |
        = note: this error originates in the macro `solana_bpf_loader_program` (in Nightly builds, run with -Z macro-backtrace for more info)
    
    error: expected None-delimited group
       --> src/lib.rs:743:21
        |
    743 |                     solana_bpf_loader_deprecated_program!(),
        |                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
        |
        = note: this error originates in the macro `solana_bpf_loader_deprecated_program` (in Nightly builds, run with -Z macro-backtrace for more info)
    
    error: could not compile `poc-framework` due to 3 previous errors
    

    It seems to be related to https://github.com/rust-lang/rust/pull/92472. It is solved by switching to rust 1.60:

    $ rustup default 1.60
    
    opened by sylvainpelissier 3
  • Temp folder errors creating files

    Temp folder errors creating files

    I had to change the source of the framework in my program to use a static temp folder.

    this line lib.rs:704: let tmpdir = TempDir::new().expect("make tempdir"); creates a folder that gets deleted quickly, and the ledger would get an error writing there after a tx or two.

    I changed line 708 to a hardcoded folder for now, but I know thats not a great fix.

    thread 'main' panicked at 'Unable to create data file /tmp/.tmpt2Dr5x/0.6 in current dir(Ok("/home/redacted/code/redacted")): Os { code: 2, kind: NotFound, message: "No such file or directory" }', /home/danah/.cargo/registry/src/github.com-1ecc6299db9ec823/solana-runtime-1.8.8/src/append_vec.rs:188:17
    note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
    [2021-12-12T07:03:14.810088262Z DEBUG solana_runtime::accounts] bank unlock accounts
    [2021-12-12T07:03:14.814666989Z INFO  solana_runtime::accounts_db] remove_dead_slots_metadata: slots [0]
    thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: PoisonError { .. }', /home/redacted/.cargo/registry/src/github.com-1ecc6299db9ec823/solana-runtime-1.8.8/src/accounts_db.rs:5376:60
    

    Full error err.txt

    opened by thesoftwarejedi 3
  • How to get sol_log output in binary contract?

    How to get sol_log output in binary contract?

    Hi there, I'm working on a closed-source Solana program. There are some sol_log in it but I can't see the output when I use poc-framework. I have setup_logging(LogLevel::DEBUG) enabled, but it only helps to print some higher level logs ,obviously not from the .so

    opened by itewqq 2
  • Fixing temp folder errors

    Fixing temp folder errors

    This request is aiming at fixing temp folder errors creating files mentioned in https://github.com/neodyme-labs/solana-poc-framework/issues/2 by setting directory to "/tmp/" thus avoiding the problem of directories getting deleted quickly.

    opened by bhcsayx 2
  • Bump once_cell from 1.13.0 to 1.16.0

    Bump once_cell from 1.13.0 to 1.16.0

    Bumps once_cell from 1.13.0 to 1.16.0.

    Changelog

    Sourced from once_cell's changelog.

    1.16.0

    • Add no_std implementation based on critical-section, #195.
    • Deprecate atomic-polyfill feature (use the new critical-section instead)

    1.15.0

    • Increase minimal supported Rust version to 1.56.0.
    • Implement UnwindSafe even if the std feature is disabled.

    1.14.0

    • Add extension to unsync and sync Lazy mut API:
      • force_mut
      • get_mut

    1.13.1

    • Make implementation compliant with strict provenance.
    • Upgrade atomic-polyfill to 1.0
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump serde from 1.0.139 to 1.0.145

    Bump serde from 1.0.139 to 1.0.145

    Bumps serde from 1.0.139 to 1.0.145.

    Release notes

    Sourced from serde's releases.

    v1.0.145

    • Allow RefCell<T>, Mutex<T>, and RwLock<T> to be serialized regardless of whether T is Sized (#2282, thanks @​ChayimFriedman2)

    v1.0.144

    • Change atomic ordering used by Serialize impl of atomic types to match ordering used by Debug impl of those same types (#2263, thanks @​taiki-e)

    v1.0.143

    • Invert build.rs cfgs in serde_test to produce the most modern configuration in the default case (#2253, thanks @​taiki-e)

    v1.0.142

    • Add keywords to crates.io metadata

    v1.0.141

    • Add no-std category to crates.io metadata

    v1.0.140

    • Invert serde_derive cfgs to convenience non-Cargo builds on a modern toolchain (#2251, thanks @​taiki-e)
    Commits
    • 8c036ee Release 1.0.145
    • d99009f Merge pull request #2282 from ChayimFriedman2/sized-mutex-refcell-rwlock
    • be3c37e Serialize unsized RefCell, Mutex and RwLock
    • f0346ae Merge pull request #2281 from dtolnay/try
    • fa6ce42 Redefine 'try' macro to omit From::from error conversion
    • a9320db Consistently avoid '?' throughout serde crate
    • d208762 Command-line ignore let_underscore_drop clippy lint
    • 5386897 Merge pull request #2273 from sashashura/patch-1
    • 68eb59d Update ci.yml
    • a7f4551 Add dev-dependencies keyword for serde_test
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump once_cell from 1.13.0 to 1.15.0

    Bump once_cell from 1.13.0 to 1.15.0

    Bumps once_cell from 1.13.0 to 1.15.0.

    Changelog

    Sourced from once_cell's changelog.

    1.15.0

    • Increase minimal supported Rust version to 1.56.0.
    • Implement UnwindSafe even if the std feature is disabled.

    1.14.0

    • Add extension to unsync and sync Lazy mut API:
      • force_mut
      • get_mut

    1.13.1

    • Make implementation compliant with strict provenance.
    • Upgrade atomic-polyfill to 1.0
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump once_cell from 1.13.0 to 1.14.0

    Bump once_cell from 1.13.0 to 1.14.0

    Bumps once_cell from 1.13.0 to 1.14.0.

    Changelog

    Sourced from once_cell's changelog.

    1.14.0

    • Add extension to unsync and sync Lazy mut API:
      • force_mut
      • get_mut

    1.13.1

    • Make implementation compliant with strict provenance.
    • Upgrade atomic-polyfill to 1.0
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump sha2 from 0.10.2 to 0.10.3

    Bump sha2 from 0.10.2 to 0.10.3

    Bumps sha2 from 0.10.2 to 0.10.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump serde from 1.0.139 to 1.0.144

    Bump serde from 1.0.139 to 1.0.144

    Bumps serde from 1.0.139 to 1.0.144.

    Release notes

    Sourced from serde's releases.

    v1.0.144

    • Change atomic ordering used by Serialize impl of atomic types to match ordering used by Debug impl of those same types (#2263, thanks @​taiki-e)

    v1.0.143

    • Invert build.rs cfgs in serde_test to produce the most modern configuration in the default case (#2253, thanks @​taiki-e)

    v1.0.142

    • Add keywords to crates.io metadata

    v1.0.141

    • Add no-std category to crates.io metadata

    v1.0.140

    • Invert serde_derive cfgs to convenience non-Cargo builds on a modern toolchain (#2251, thanks @​taiki-e)
    Commits
    • f52d134 Release 1.0.144
    • 6660676 Merge pull request #2263 from taiki-e/ordering
    • 1d42d35 Relax orderings of Serialize impl for atomic types to match the latest stable
    • ebd06ee Link to apache-avro crate's published docs
    • f198582 Merge pull request #2258 from Mottl/patch-1
    • 60e4092 Fixes link to Apache Avro in documentation
    • 3d02516 Release 1.0.143
    • 7770da4 Merge pull request #2253 from taiki-e/test-cfg
    • a5fd85a Invert build.rs cfgs in serde_test
    • abb2a84 Release 1.0.142
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump once_cell from 1.13.0 to 1.13.1

    Bump once_cell from 1.13.0 to 1.13.1

    Bumps once_cell from 1.13.0 to 1.13.1.

    Changelog

    Sourced from once_cell's changelog.

    1.13.1

    • Make implementation compliant with strict provenance.
    • Upgrade atomic-polyfill to 1.0
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump once_cell from 1.13.0 to 1.17.0

    Bump once_cell from 1.13.0 to 1.17.0

    Bumps once_cell from 1.13.0 to 1.17.0.

    Changelog

    Sourced from once_cell's changelog.

    1.17.0

    • Add race::OnceRef for storing a &'a T.

    1.16.0

    • Add no_std implementation based on critical-section, #195.
    • Deprecate atomic-polyfill feature (use the new critical-section instead)

    1.15.0

    • Increase minimal supported Rust version to 1.56.0.
    • Implement UnwindSafe even if the std feature is disabled.

    1.14.0

    • Add extension to unsync and sync Lazy mut API:
      • force_mut
      • get_mut

    1.13.1

    • Make implementation compliant with strict provenance.
    • Upgrade atomic-polyfill to 1.0
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Is it possible to execute an instruction with PDA signed using framework LocalEnvironment?

    Is it possible to execute an instruction with PDA signed using framework LocalEnvironment?

    I am currently doing some tests on Anchor programs and found that sometimes they may need a PDA signed to invoke certain instructions, for Solana official APIs we have invoke_signed() which allows passing PDA seeds into it such as workshop level0 examples: image However the execute_as_transaction() API for LocalEnvironment only allows keypairs, I am wondering if there is anything for it to allow similar functions? Thank you very much!

    opened by bhcsayx 1
  • adds new feature to set payer for the transactions

    adds new feature to set payer for the transactions

    • adds feature to set payer for transactions.
    • Fixes Cross-program invocation with unauthorized signer or writable account Error caused when singer is different from payer for simulating cpi calls using functions tx_with_instructions or execute_as_transaction or execute_as_transaction_debug.
    opened by chhajershrenik 0
  • Bump serde from 1.0.139 to 1.0.147

    Bump serde from 1.0.139 to 1.0.147

    Bumps serde from 1.0.139 to 1.0.147.

    Release notes

    Sourced from serde's releases.

    v1.0.147

    • Add serde::de::value::EnumAccessDeserializer which transforms an EnumAccess into a Deserializer (#2305)

    v1.0.146

    • Allow internally tagged newtype variant to contain unit (#2303, thanks @​tage64)

    v1.0.145

    • Allow RefCell<T>, Mutex<T>, and RwLock<T> to be serialized regardless of whether T is Sized (#2282, thanks @​ChayimFriedman2)

    v1.0.144

    • Change atomic ordering used by Serialize impl of atomic types to match ordering used by Debug impl of those same types (#2263, thanks @​taiki-e)

    v1.0.143

    • Invert build.rs cfgs in serde_test to produce the most modern configuration in the default case (#2253, thanks @​taiki-e)

    v1.0.142

    • Add keywords to crates.io metadata

    v1.0.141

    • Add no-std category to crates.io metadata

    v1.0.140

    • Invert serde_derive cfgs to convenience non-Cargo builds on a modern toolchain (#2251, thanks @​taiki-e)
    Commits
    • f415092 Release 1.0.147
    • 6d00971 Merge pull request #2305 from serde-rs/enumaccessdeserializer
    • 354b48f Add EnumAccessDeserializer to turn EnumAccess into a Deserializer
    • 3fd8e52 Release 1.0.146
    • 142dce0 Touch up PR 2303
    • 6aed101 Merge pull request #2303 from tage64/master
    • e2ccfd9 Remove bad deserialization from sequence to internally tagged newtype variant...
    • a07d794 Update test_suite/tests/test_annotations.rs
    • 90d28fc Serialize and deserialize a tagged newtype variant over unit () as if it was ...
    • 55cf0ac Merge pull request #2297 from serde-rs/output
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump sha3 from 0.10.1 to 0.10.4

    Bump sha3 from 0.10.1 to 0.10.4

    Bumps sha3 from 0.10.1 to 0.10.4.

    Commits
    • b1c5032 Fix MSRV issues by re-releasing sha1, sha2, sha3, md5, and whirlpool. Take 2....
    • db5af59 Fix MSRV issues by re-releasing sha1, sha2, sha3, md5, and whirlpool (#399)
    • b74be34 Remove html_root_url (#393)
    • 38ea355 Release md5 v0.10.2, sha1 v0.10.2, sha2 v0.10.3, whirlpool v0.10.2 (#392)
    • 4c7a3fa build(deps): bump cpufeatures from 0.2.3 to 0.2.4 (#389)
    • e5ad181 Ignore asm feature on unsupported targets (#388)
    • 79af27a Expand on DynDigest example in README (#390)
    • e5d9356 Update Cargo.lock
    • 457061f sha3 v0.10.2 (#384)
    • 53d9671 Release fsb v0.1.2 (#382)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
Owner
Neodyme
Neodyme is a small team of security researchers, with experts in various technologies and ecosystems.
Neodyme
My attempt at learning Solana program (smart contract) development through RareSkill's Solana course.

60-days-of-solana My attempt at learning Solana program (smart contract) development through RareSkill's Solana course. Originally, I was trying to cr

Jasper 3 Feb 25, 2024
A framework for publishing, deploying, invoking, and upgrading soroban smart contracts

SmartDeploy A framework for publishing, deploying, and upgrading Soroban smart contracts. Uses Loam-SDK Publishing Currently smart contracts are insta

null 4 May 10, 2023
evm2near compiles Solidity contracts into NEAR WebAssembly contracts.

EVM → NEAR evm2near is a project for compiling EVM bytecode into wasm bytecode, with the particular goal of having that wasm artifact be executable on

Aurora 125 Dec 3, 2022
Ticketed Discreet Log Contracts (DLCs) to enable instant buy-in for wager-like contracts on Bitcoin.

dlctix Ticketed Discreet Log Contracts (DLCs) to enable instant buy-in for wager-like contracts on Bitcoin. This project is part of the Backdrop Build

null 7 Feb 29, 2024
Rust client to Opensea's APIs and Ethereum smart contracts

opensea.rs Rust bindings & CLI to the Opensea API and Contracts CLI Usage Run cargo r -- --help to get the top level help menu: opensea-cli 0.1.0 Choo

Georgios Konstantopoulos 226 Dec 27, 2022
Helpful functions and macros for developing smart contracts on NEAR Protocol.

near-contract-tools Helpful functions and macros for developing smart contracts on NEAR Protocol. This package is a collection of common tools and pat

Jacob 27 Dec 17, 2022
Helpful functions and macros for developing smart contracts on NEAR Protocol.

near-contract-tools Helpful functions and macros for developing smart contracts on NEAR Protocol. This package is a collection of common tools and pat

NEARFoundation 9 Aug 3, 2022
Rust client to Seaport's APIs and Ethereum smart contracts(WIP)

Seaport-rs WIP - WORK IN PROGRESS. REFER TO https://github.com/Alcibiades-Capital/quay FOR PRODUCTION READY CODE I'm new to Rust and seek to be legend

Perelyn 21 Nov 29, 2022
Rust project for working with ETH - Ethereum transactions with Rust on Ganache and also deploy smart contracts :)

Just a test project to work with Ethereum but using Rust. I'm using plain Rust here, not Foundry. In future we will use Foundry. Hope you're already f

Akhil Sharma 2 Dec 20, 2022
RGB smart contracts: client-facing library & command-line for desktop and mobile

RGB smart contracts RGB is confidential & scalable client-validated smart contracts for Bitcoin & Lightning. It embraces the concepts of private & mut

RGB: scalable & private smart contracts for bitcoin & lightning 4 Mar 15, 2023
zink! is a library for developing ink! smart contracts with useful Rust macros that extend functionality and reduce boilerplate code.

zink! Smart Contract Macros This is a helper library for developing ink! smart contracts. It contains useful Rust macros that extend functionality and

Scio Labs 3 Nov 3, 2023
An automated CLI tool that optimizes gas usage in Solidity smart contracts, focusing on storage and function call efficiency.

Solidity-Gas-Optimizoor An high performance automated CLI tool that optimizes gas usage in Solidity smart contracts, focusing on storage and function

Chia Yong Kang 10 Mar 11, 2024
Galleries of NFTs using Solana and Rust for contracts

About this Package created to simplify the process of parsing NFTs on Solana. It consists of: Package basic things like fetch all NFTs for specific wa

Andrew Scott 1 Jan 28, 2022
Smart contracts for Ref Finance

Ref Finance Contracts This mono repo contains the source code for the smart contracts of Ref Finance on NEAR. Contracts Contract Reference Description

Ref Finance 92 Dec 7, 2022
Skyward Finance smart-contracts

Build and Init ./build.sh near dev-deploy res/skyward.was export CONTRACT_ID=skyward.testnet near call $CONTRACT_ID new --account_id=$CONTRACT_ID Regi

Skyward Finance 777 Jan 4, 2023
My code for the terra.academy course on CosmWasm smart contracts

CosmWasm Starter Pack This is a template to build smart contracts in Rust to run inside a Cosmos SDK module on all chains that enable it. To understan

Alex Incerti 0 Nov 7, 2021
Smart contracts powering Spectrum Protocol on Terra

Spectrum Core Contracts This monorepository contains the source code for the core smart contracts implementing Spectrum Protocol on the Terra blockcha

Spectrum Protocol 38 Dec 19, 2022
A template to build smart contracts in Rust to run inside a Cosmos SDK module on all chains that enable it.

CosmWasm Starter Pack This is a template to build smart contracts in Rust to run inside a Cosmos SDK module on all chains that enable it. To understan

null 1 Mar 7, 2022
Create your personal token with rust smart contracts

Solana Rust Token ?? This application written Rust using Anchor ⚓

Ritesh 6 Nov 22, 2022