A collection of Solana-maintained on-chain programs

Overview

Build status

Solana Program Library

The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime. These programs are tested against Solana's implementation of Sealevel, solana-runtime, and deployed to its mainnet. As others implement Sealevel, we will graciously accept patches to ensure the programs here are portable across all implementations.

Full documentation is available at https://spl.solana.com

Development

Environment Setup

  1. Install the latest Rust stable from https://rustup.rs/
  2. Install Solana v1.6.1 or later from https://docs.solana.com/cli/install-solana-cli-tools
  3. Install the libudev development package for your distribution (libudev-dev on Debian-derived distros, libudev-devel on Redhat-derived).

Build

The normal cargo build is available for building programs against your host machine:

$ cargo build

To build a specific program, such as SPL Token, for the Solana BPF target:

$ cd token/program
$ cargo build-bpf

Test

Unit tests contained within all projects can be run with:

$ cargo test      # <-- runs host-based tests
$ cargo test-bpf  # <-- runs BPF program tests

To run a specific program's tests, such as SPL Token:

$ cd token/program
$ cargo test      # <-- runs host-based tests
$ cargo test-bpf  # <-- runs BPF program tests

Integration testing may be performed via the per-project .js bindings. See the token program's js project for an example.

Clippy

$ cargo clippy

Coverage

$ ./coverage.sh  # Please help! Coverage build currently fails on MacOS due to an XCode `grcov` mismatch...

MacOS

You may need to pin your grcov version, and then rustup with the apple-darwin nightly toolchain:

$ cargo install grcov --version 0.6.1
$ rustup toolchain install nightly-x86_64-apple-darwin

Release Process

SPL programs are currently tagged and released manually. Each program is versioned independently of the others, with all new development occurring on master. Once a program is tested and deemed ready for release:

Bump Version

  • Increment the version number in the program's Cargo.toml
  • Generate a new program ID and replace in <program>/program-id.md and <program>/src/lib.rs
  • Run cargo build-bpf <program> to update relevant C bindings. (Note the location of the generated spl_<program>.so for attaching to the Github release.)
  • Open a PR with these version changes and merge after passing CI.

Create Github tag

Program tags are of the form <program>-vX.Y.Z. Create the new tag at the version-bump commit and push to the solana-program-library repository, eg:

$ git tag token-v1.0.0 b24bfe7
$ git push upstream --tags

Publish Github release

  • Go to GitHub Releases UI
  • Click "Draft new release", and enter the new tag in the "Tag version" box.
  • Title the release "SPL vX.Y.Z", complete the description, and attach the spl_<program>.so binary
  • Click "Publish release"

Publish to Crates.io

Navigate to the program directory and run cargo package to test the build. Then run cargo publish.

Disclaimer

All claims, content, designs, algorithms, estimates, roadmaps, specifications, and performance measurements described in this project are done with the Solana Foundation's ("SF") best efforts. It is up to the reader to check and validate their accuracy and truthfulness. Furthermore nothing in this project constitutes a solicitation for investment.

Any content produced by SF or developer resources that SF provides, are for educational and inspiration purposes only. SF does not encourage, induce or sanction the deployment, integration or use of any such applications (including the code comprising the Solana blockchain protocol) in violation of applicable laws or regulations and hereby prohibits any such deployment, integration or use. This includes use of any such applications by the reader (a) in violation of export control or sanctions laws of the United States or any other applicable jurisdiction, (b) if the reader is located in or ordinarily resident in a country or territory subject to comprehensive sanctions administered by the U.S. Office of Foreign Assets Control (OFAC), or (c) if the reader is or is working on behalf of a Specially Designated National (SDN) or a person subject to similar blocking or denied party prohibitions.

The reader should be aware that U.S. export control and sanctions laws prohibit U.S. persons (and other persons that are subject to such laws) from transacting with persons in certain countries and territories or that are on the SDN list. As a project based primarily on open-source software, it is possible that such sanctioned persons may nevertheless bypass prohibitions, obtain the code comprising the Solana blockchain protocol (or other project code or applications) and deploy, integrate, or otherwise use it. Accordingly, there is a risk to individuals that other persons using the Solana blockchain protocol may be sanctioned persons and that transactions with such persons would be a violation of U.S. export controls and sanctions law. This risk applies to individuals, organizations, and other ecosystem participants that deploy, integrate, or use the Solana blockchain protocol code directly (e.g., as a node operator), and individuals that transact on the Solana blockchain through light clients, third party interfaces, and/or wallet software.

Comments
  • [token/ts] TypeError: fields must be array of Layout instances

    [token/ts] TypeError: fields must be array of Layout instances

    If I import the library I get:

    TypeError: fields must be array of Layout instances
    

    NPM package:

    @solana/spl-token: ^0.2.0-alpha.0
    

    https://github.com/solana-labs/solana-program-library/blob/c5d73812cb2df5f2e71e832f70da7af90604b085/token/ts/src/instructions/initializeMint.ts#L22-L29

    Update

    The problem disappear if I install:

    npm install -S @solana/buffer-layout
    

    NPM package:

    @solana/buffer-layout: ^4.0.0
    

    Maybe it's an npm dependencies resolution problem.

    opened by Admdebian 33
  • Migrate to @solana/buffer-layout

    Migrate to @solana/buffer-layout

    The buffer-layout package used here as a dependency lacks proper typing, which causes issues with downstream libraries depending on the token program TypeScript code.

    Solana Labs maintains a buffer-layout implementation with types already: https://github.com/solana-labs/buffer-layout

    I suggest to change the dependency to that implementation.

    opened by israelidanny 28
  • Associated token account owner is changeable

    Associated token account owner is changeable

    Should the owner of an associated token account be changeable by a call to setAuthority in the SPL Token Program? Otherwise why have the associated token account program in the first place?

    I believe it breaks the pattern of deterministically finding a token account given a mint key and a "wallet", and it forces developers to endlessly create multiple token accounts.

    Can any check be added to prevent this?

    opened by ADBalici 24
  • Add naming service program

    Add naming service program

    Hi, here is a short description of a spl-program that would allow issuing, accessing, and managing ownership of: domain names, Solana Pubkeys, URLs, twitter handles, ipfs cid's etc..

    The program interface is also given in the readme. Please let me know if you have any suggestions.

    automerge 
    opened by Lcchy 24
  • token-upgrade: Define new conversion program

    token-upgrade: Define new conversion program

    Problem

    If people want to move fungible tokens from token to token-2022, they'll need a way to trustlessly destroy the old tokens and create the new ones. This can come in many forms, but it would be a good gesture towards the community to provide a reference implementation that can be tweaked.

    Solution

    Let's get it started with state + interface definitions! The basic concept goes:

    • create token-2022 mint
    • set mint authority to the defined PDA
    • create the factory
    • let people upgrade
    • reclaim mint authority when you need to mint tokens yourself

    PDAs were chosen to have only one factory per mint, that cannot be closed / recreated afterwards, this way you lock in the old mint to always point to the new mint. And it's easy to discover the new mint.

    Also, since factories can't be closed, after you "reclaim" mint authority, you can always assign it back to the factory and let it work once again, giving lots of flexibility.

    opened by joncinque 22
  • stake-pool: add bindings to js

    stake-pool: add bindings to js

    • add new bindings

      • IncreaseValidatorStake
      • DecreaseValidatorStake
      • UpdateValidatorListBalance
      • UpdateStakePoolBalance
      • CleanupRemovedValidatorEntries
      • DepositStake
    • add new function

      • stakePoolInfo

    @joncinque

    community 
    opened by AlexanderRay 22
  • fully switch to @solana/buffer-layout

    fully switch to @solana/buffer-layout

    So, here is some more maintenance work of migrating off the non-typescript buffer-layout.

    A couple of observations:

    • It's quite nerve-wrecking to contribute here because there are no tests 😅 How do we make sure even a harmless update such as this one doesn't ruin stuff?
    • The lending program JS code heavily depended on generics in the buffer-layout typings, so instead of depending on the npm version I depended on https://github.com/jordansexton/buffer-layout/tree/generics and made sure it builds without errors. I would consider merging https://github.com/jordansexton/buffer-layout/tree/generics (or at least discussing why not merge it)
    community 
    opened by israelidanny 21
  • Flashloan for token lending

    Flashloan for token lending

    This PR adds flash loan to the token-lending program. It also supports collecting fee's from flash loan which is set when initReserve.

    Fixes: https://github.com/solana-labs/solana-program-library/issues/997

    opened by leofisG 21
  • Add default-token-account program

    Add default-token-account program

    The SPL Default Token Account program defines and implements conventions around locating and creating the default token account for a user wallet as discussed in https://github.com/solana-labs/solana-program-library/pull/612

    TODO:

    • [ ] Flesh out tests, does the thing actually work? Can't tell yet cause we don't have nice way to unit test invoke_signed()
    • [ ] Add full DTA support to spl-token-cli. This'll really clean up the command-line UX!
    opened by mvines 19
  • Add rent awareness to spl-token

    Add rent awareness to spl-token

    Current spl-token is completed rent unaware, which leads to a couple problems:

    1. If the Token account is not rent-exempt, https://github.com/solana-labs/solana-program-library/blob/f8f51c13fa5dcddaf7823c33de6b7c574ee8d500/token/src/state.rs#L19-L26 and if it's rent collected then all the basic information about the token is lost, as well as the ability to mint new tokens or burn existing tokens
    2. If the Account account is not rent-exempt, https://github.com/solana-labs/solana-program-library/blob/f8f51c13fa5dcddaf7823c33de6b7c574ee8d500/token/src/state.rs#L41-L52 and if it's rent collected then the supply field in the Token account is now wrong.

    (1) is probably not a big issue, but (2) certainly is.

    Possible solution: a) Require the Token account to be rent-exempt b) Remove the supply field from Token account so that an Account account that is not rent-exempt cannot poison the supply. This increases the burden on Rpc and other clients, as the token supply must now be calculated by enumerating all the Account accounts for a given token

    opened by mvines 19
  • Let the SPL token program accept signatures from the owner of the owner

    Let the SPL token program accept signatures from the owner of the owner

    The original issue has been closed. https://github.com/solana-labs/solana-program-library/issues/2517 Although part of the conversation there may related to wallet support, but the original idea is not.

    Recap: associated token account <=(own) program generated account <=(own) the actural owner,

    For some reasons, that ATA is created not for the actural owner, but for the owner's token account.

    Is there a way to let the actural owner get the token from that ATA?

    opened by yushizhao 16
  • build(deps): bump json5 from 1.0.1 to 1.0.2 in /token-swap/js

    build(deps): bump json5 from 1.0.1 to 1.0.2 in /token-swap/js

    Bumps json5 from 1.0.1 to 1.0.2.

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    opened by dependabot[bot] 1
  • build(deps): bump json5 from 1.0.1 to 1.0.2 in /name-service/js

    build(deps): bump json5 from 1.0.1 to 1.0.2 in /name-service/js

    Bumps json5 from 1.0.1 to 1.0.2.

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies javascript 
    opened by dependabot[bot] 0
  • build(deps): bump json5 from 1.0.1 to 1.0.2 in /account-compression/sdk

    build(deps): bump json5 from 1.0.1 to 1.0.2 in /account-compression/sdk

    Bumps json5 from 1.0.1 to 1.0.2.

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies javascript 
    opened by dependabot[bot] 0
  • build(deps-dev): bump @solana/web3.js from 1.36.0 to 1.73.0 in /token-lending/js

    build(deps-dev): bump @solana/web3.js from 1.36.0 to 1.73.0 in /token-lending/js

    Bumps @solana/web3.js from 1.36.0 to 1.73.0.

    Release notes

    Sourced from @​solana/web3.js's releases.

    v1.73.0

    1.73.0 (2022-12-30)

    Features

    • add commission fields matching RPC spec to web3.js client (#29435) (cfdf3f3)

    v1.72.0

    1.72.0 (2022-12-24)

    Features

    v1.71.0

    1.71.0 (2022-12-24)

    Features

    • Allow for verifying the sigs of partially signed txs in web3.js (#29249) (5cd70d6)

    v1.70.3

    1.70.3 (2022-12-20)

    Bug Fixes

    • make toBytes actually return the type it's typehint claims (#29313) (4ebe08e)

    v1.70.2

    1.70.2 (2022-12-19)

    Bug Fixes

    • reduce Connection keep-alive timeout to 1 second fewer than the Solana RPC's keep-alive timeout (#29130) (6478d7d)

    v1.70.1

    1.70.1 (2022-12-09)

    Bug Fixes

    • pretty print PublicKey objects in node and in the browser (#29062) (3801514)

    v1.70.0

    1.70.0 (2022-12-06)

    ... (truncated)

    Commits
    • cfdf3f3 feat: add commission fields matching RPC spec to web3.js client (#29435)
    • 6364ee0 chore: typecheck web3.js tests (#29422)
    • 07fa944 ci: fix web3-commit-lint (#29414)
    • 1bcb7cc test: fix get inflation rate test failed at test:live (#29413)
    • 18cbcbb feat: add getInflationRate RPC call to web3.js (#29377)
    • 5cd70d6 feat: Allow for verifying the sigs of partially signed txs in web3.js (#29249)
    • 4ebe08e fix: make toBytes actually return the type it's typehint claims (#29313)
    • 48a5026 docs: make the comments on using the new confirmTransaction clearer (#29251)
    • 6478d7d fix: reduce Connection keep-alive timeout to 1 second fewer than the Solana R...
    • d14dcf6 docs: add endianess for pubkey byte/buffer functions (#29079)
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by _chido, a new releaser for @​solana/web3.js since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    opened by dependabot[bot] 1
  • build(deps-dev): bump @types/node from 16.11.14 to 18.11.18 in /token-lending/js

    build(deps-dev): bump @types/node from 16.11.14 to 18.11.18 in /token-lending/js

    Bumps @types/node from 16.11.14 to 18.11.18.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    automerge 
    opened by dependabot[bot] 0
Releases(governance-v3.1.0)
  • governance-v3.1.0(Dec 13, 2022)

    Summary

    • Council governance plugins
    • Non transferable and revokable membership
    • Veto vote
    • Council rules
      • approval quorum
      • vote tipping
      • veto threshold
    • Explicitly disabled options
      • community/council vote
      • community/council proposals
    • Absolute max supply
    • Proposal cool off time
    • Proposal deposit

    Verification

    The program binary can be verified using Anchor verifiable build

    $ cd governance/program
    $ anchor verify GovER5Lthms3bLBqWub97yVrMmEogzX7xNjdXpPPCVZw
    
    Source code(tar.gz)
    Source code(zip)
    spl_governance_3_1_0.so(641.00 KB)
  • account-compression-v0.1.5(Dec 6, 2022)

    Minor changes:

    • Expose all header types to help indexers deserialize CMT Account Headers
    • Expose getter method for creationSlot in CMT Account Header
    Source code(tar.gz)
    Source code(zip)
  • associated-token-account-v1.1.2(Nov 29, 2022)

  • token-cli-v2.2.0(Nov 21, 2022)

    Summary of changes

    • convert all token cli functionality to run through the new rust token client and remove transaction building and execution logic from the cli for all commands
    • implement spl-token display, which displays detailed information for mints, accounts, and multisigs, including details on all extensions except confidential transfers
    • improve spl-token accounts to show accounts from both programs by default. show program id, delegate, and close authority in verbose mode. allow accounts to filter by presence of delegate or close authority, so users can audit these permissions for possible malicious usage
    • support MintCloseAuthority extension
    • support InterestBearingConfig extension
    • support MemoTransfer extension
    • support ImmutableOwner extension
    • support CpiGuard extension
    • support NonTransferable extension
    • support TransferFeeConfig extension
    • support PermanentDelegate extension
    • add --recipient-owner flag to command_mint to infer recipient ATA address
    • infer program_id when possible from mints/accounts passed into cli commands
    • properly load config file at all callsites
    • fix bug with closing accounts not working for system recipients
    • deprecate account-info in favor of display
    • deprecate multisig-info in favor of display
    • BREAKING: --program-id is now restricted to spl_token::id() or spl_token_2022::id()
    • update solana version to 1.14.6
    Source code(tar.gz)
    Source code(zip)
  • token-2022-v0.5.0(Nov 21, 2022)

    Summary of changes

    • Implement CPI Guard extension (#3712)
    • Implement Permanent Delegate extension (#3725)
    • Various Confidential Transfer changes

    NOTE: This is still an alpha release, so backwards incompatible changes are possible in the future. Do not depend on the exact layout of extension data for your code.

    Source code(tar.gz)
    Source code(zip)
  • account-compression-js-v0.1.4(Oct 29, 2022)

  • token-js-v.0.3.6(Oct 28, 2022)

  • account-compression-js-v0.1.3(Oct 28, 2022)

    Adds several features in addition to matching spl-account-compression v0.1.4's updated accounts interface (renaming Wrapper to Noop)

    Fixes:

    • Fix @metaplex-foundation/beet and @metaplex-foundation/beet-solana dependencies by moving them to deps (from devDeps)

    Additions:

    • Add docs via typedoc
    • Add linting & prettier
    • Add all depth + size pairs for Concurrent Merkle Tree initialization
    • Export the MerkleTree class used in the tests, so developers have rudimentary way of indexing their applications

    Breaking changes:

    • instructions:
      • Helper functions reordered keys: tree, then authority, then arguments
      • Helper functions now take PublicKeys, not Keypairs
      • Initialize helper functions now take ValidDepthSizePair rather than raw numbers
    • accounts:
      • ConcurrentMerkleTreeAccount getActiveIndex renamed to getCurrentBufferIndex

    Readme added examples:

    • Creating a tree
    • Minting a leaf to the tree
    • Using the provided merkle tree lib to keep track of off-chain data

    Tests:

    • Test all initialization pairs

    Note: Skipped v0.1.2

    Source code(tar.gz)
    Source code(zip)
  • concurrent-merkle-tree-v0.1.2(Oct 21, 2022)

  • account-compression-js-v0.1.1(Oct 13, 2022)

    Minor improvements to JS SDK

    • Expose all maxDepth, maxBufferSize pairs
    • Add canopyDepth getter to ConcurrentMerkleTreeAccount
    • Fix issue that required @metaplex-foundation/beet* to be installed separately
    • Update README.md
    Source code(tar.gz)
    Source code(zip)
  • account-compression-v0.1.3(Oct 13, 2022)

  • account-compression-v0.1.2(Oct 7, 2022)

    spl-account-compression:

    • Added method to easily emit arbitrary application data via spl-noop program*
    • Add README file for crate

    spl-noop:

    • Add README file for crate

    Update typescript SDK to have separate methods for deserializing event data emitted via spl-noop *Emitted application data is prefixed with a different tag than emitted ChangeLog events. This is done to help indexers distinguish between spl-account-compression event data and their application-level data. However, it is not strictly necessary to interact with spl-noop, since any program can CPI to spl-noop with arbitrary data.

    Source code(tar.gz)
    Source code(zip)
  • account-compression-v0.1.1(Oct 6, 2022)

    • Update program ids for spl-noop, spl-account-compression
    • Add instruction to remove empty tree for spl-account-compression
    • Update spl-concurrent-merkle-tree to support checking empty tree condition
    Source code(tar.gz)
    Source code(zip)
  • token-cli-v2.0.17(Aug 25, 2022)

  • governance-v1.1.1(Aug 23, 2022)

  • token-2022-v0.4.3(Aug 16, 2022)

  • stake-pool-v0.7.0(Aug 11, 2022)

    Summary of changes

    Program

    • Upgrade to Solana 1.10.33
    • Add instructions to create and update Metaplex Token Metadata, which must be signed by the pool manager
    Source code(tar.gz)
    Source code(zip)
  • token-v3.5.0(Aug 4, 2022)

  • associated-token-account-v1.1.1(Aug 4, 2022)

  • token-v3.4.0(Aug 3, 2022)

    Summary of Changes

    New instructions for forward compatibility with Token-2022:

    • InitializeImmutableOwner: no-op instruction
    • UiAmountToAmount / AmountToUiAmount: converts between u64 and string amounts
    • GetAccountDataSize: returns the required size for an account, always 165

    Changes:

    • Closing accounts results in a full reinitialization of the account, reassigning it back to the system program and reallocating its size to 0

    Release

    The program was released under feature flag Ftok4njE8b7tDffYkC5bAbCaQv5sL6jispYrprzatUwN, enable since epoch 334 on mainnet-beta.

    Verification

    Program verification uses the Anchor command-line interface, which can be installed by following the documentation.

    The verification process builds the program in an Ubuntu container which contains the Solana CLI tools and its dependencies. More information can be found on the verifiable builds documentation.

    In order to verify the program, please check out this tag, then run:

    $ cd token/program
    $ anchor verify --solana-version 1.10.33 --bootstrap debian --docker-image ubuntu:20.04 --provider.cluster mainnet TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA
    

    This will take a couple of minutes, and then finally output:

    Build success
    TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA is verified.
    

    Note: the actual crate versions are still at version 3.3.0 in order to preserve verifiability. The actual version bump and release was done from #3427

    Source code(tar.gz)
    Source code(zip)
    spl_token-3.4.0.so(130.93 KB)
    spl_token.so(130.93 KB)
  • token-2022-v0.4.2(Jul 27, 2022)

  • associated-token-account-v1.1.0(Aug 3, 2022)

    Summary of changes

    New instructions:

    • CreateIdempotent: just like the normal Create that won't throw an error if the account already exists
    • RecoverNested: recover "nested" funds, where the funds are held by an account which is owned by an associated token account address

    New features:

    • creating an account includes the InitializeImmutableOnwer instruction from the Token-2022 program, making all accounts created for Token-2022 immutably owned. This feature is not supported by the Token program.
    • during account creation, the program queries the token program to know the size of the target account using GetAccountDataSize. This is most useful for Token-2022, where tokens may require more space to accommodate extensions

    Release

    The program was released under feature flag FaTa17gVKoqbh38HcfiQonPsAaQViyDCCSg71AubYZw8, enable since epoch 334 on mainnet-beta.

    Verification

    Program verification uses the Anchor command-line interface, which can be installed by following the documentation.

    The verification process builds the program in an Ubuntu container which contains the Solana CLI tools and its dependencies. More information can be found on the verifiable builds documentation.

    From associated-token-account/program, run:

    $ anchor verify --solana-version 1.10.33 -b debian -d ubuntu:20.04 --provider.cluster mainnet ATaYDmFSp5AgaJRGUcHeys4uF1wzCroXPeDgT7AcU82L
    
    Source code(tar.gz)
    Source code(zip)
    spl_associated_token_account-1.1.0.so(102.57 KB)
    spl_associated_token_account.so(102.57 KB)
  • token-cli-v2.0.16(Jul 25, 2022)

    Summary of changes

    • Use Solana SDK version 1.10.29
    • Update to newest version of token and associated-token-account on mainnet
    • Add tests
    • Add more checks during closing and transfer
    • Add --program-id argument for using Token-2022 in the future
    Source code(tar.gz)
    Source code(zip)
  • governance-v2.2.6(Jul 11, 2022)

  • token-2022-v0.4.1(Jul 11, 2022)

    Summary of changes

    • Self transfer-with-fees of confidential tokens are updated so that they do not incur fees (#3193)
    • The confidential extension ConfigureAccount instruction is updated so that users cannot accidentally overwrite an existing account state (#3216)
    • An incoming transfer counter field is added to a confidential extension account so that incoming transfers can be limited, which allows for easier decryption (#3208)
    • Update to Solana crates @ v1.10.29 (#3303)
    • JSON serde support for some Token-related instructions (#3291)

    NOTE: This is still an alpha release, so backwards incompatible changes are possible in the future. Do not depend on the exact layout of extension data for your code.

    Source code(tar.gz)
    Source code(zip)
    spl_token_2022-0.4.1.so(420.28 KB)
    spl_token_2022.so(420.28 KB)
  • token-2022-v0.4.0(Jun 10, 2022)

    Summary of changes

    • Limit incoming transfers for confidential tokens
    • Fix confidential self transfer with fees
    • Add non-transferable token extension
    • Add interest-bearing token extension
    • Set transfer fee two epochs ahead
    • Update Solana SDK to 1.10.19

    NOTE: This is still an alpha release, so backwards incompatible changes are possible in the future. Do not depend on the exact layout of extension data for your code.

    This program is deployed to all clusters at TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb

    Source code(tar.gz)
    Source code(zip)
    spl_token_2022-0.4.0.so(674.81 KB)
    spl_token_2022.so(674.81 KB)
  • token-swap-v3.0.0(Jun 7, 2022)

    New address

    This release changes the canonical address of the token-swap program to SwapsVeCiPHMUAtzQWZw7RjsKjgCjhwU55QGu4U1Szw, which is deployed to testnet and devnet, NOT mainnet-beta. We will continue to support a deployment to this address for educational and testing purposes.

    Changes

    • Update to Solana SDK 1.10
    • Add stable swap curve fully
    • Prevent deposits into a swap pool using the offset curve
    • Use find_program_address on-chain during init, without providing a bump seed in the instruction data

    Client

    This release also includes the TS @solana/spl-token-swap version 0.2.0.

    Source code(tar.gz)
    Source code(zip)
  • governance-v2.2.5(Jun 1, 2022)

    Summary

    Do not allow relinquishing votes during proposal finalisation to keep consistent state

    Verification

    The program binary can be verified using Anchor verifiable build

    $ cd governance/program
    $ anchor verify GovER5Lthms3bLBqWub97yVrMmEogzX7xNjdXpPPCVZw
    
    Source code(tar.gz)
    Source code(zip)
    spl_governance.so(846.79 KB)
  • token-2022-v0.3.0(Apr 26, 2022)

    Summary of changes

    • Add AuthorityType::CloseMint variant to disambiguate SetAuthority instructions targeting the mint_close_authority extension
    • Update to Solana SDK v1.10.10

    NOTE: This is still an alpha release, so backwards incompatible changes are possible in the future. Do not depend on the exact layout of extension data for your code.

    This version of the program is not yet deployed to any public clusters

    Source code(tar.gz)
    Source code(zip)
    spl_token_2022.so(301.85 KB)
  • governance-v2.2.4(Mar 24, 2022)

    Summary

    Support Anchor native account discriminators for MaxVoterWeightRecord and VoterWeightRecord https://github.com/solana-labs/solana-program-library/pull/3026

    Verification

    The program binary can be verified using Anchor verifiable build

    $ cd governance/program
    $ anchor verify GovER5Lthms3bLBqWub97yVrMmEogzX7xNjdXpPPCVZw
    
    Source code(tar.gz)
    Source code(zip)
    spl_governance.so(847.26 KB)
Owner
Solana Foundation
Solana Foundation
The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime.

Solana Program Library The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime. These programs a

null 6 Jun 12, 2022
Examples of Solana on-chain programs

spl-examples List of Solana on-chain programs which demonstrate different aspects of Solana architecture. 01__state It's a counter program. Each user

Max Block 51 Dec 6, 2022
Synchronized shadow state of Solana programs available for off-chain processing.

Solana Shadow The Solana Shadow crate adds shadows to solana on-chain accounts for off-chain processing. This create synchronises all accounts and the

null 40 Oct 30, 2022
CLI tool for deterministically building and verifying executable against on-chain programs or buffer accounts

Solana Verify CLI A command line tool to build and verify solana programs. Users can ensure that the hash of the on-chain program matches the hash of

Ellipsis Labs 5 Jan 30, 2023
⛏ An open protocol for launching liquidity mining programs on Solana.

⛏ Quarry An open protocol for launching liquidity mining programs on Solana. Background Quarry was built with the intention of helping more Solana pro

Quarry Protocol 207 Dec 19, 2022
A suite of programs for Solana key management and security.

?? goki Goki is a suite of programs for Solana key management and security. It currently features: Goki Smart Wallet: A wallet loosely based on the Se

Goki Protocol 157 Dec 8, 2022
🧑‍✈ Version control and key management for Solana programs.

captain ??‍✈️ Version control and key management for Solana programs. Automatic versioning of program binaries based on Cargo Separation of deployer a

Saber 35 Mar 1, 2022
Deploy your Solana programs during high load.

solana-deployer IMPORTANT: There is a known bug with the current program that will be fixed soon. In the meantime you should deploy from Solana Playgr

acheron 34 Nov 7, 2022
Write Anchor-compatible Solana programs in TypeScript

Axolotl Write Achor-compatible Solana programs using TypeScript. Writing Rust is hard, but safe. It's also the go-to language for writing Solana progr

Anthony Morris 17 Nov 27, 2022
Extract data from helium-programs via Solana RPC and serves it via HTTP

hnt-explorer This application extracts data from helium-programs via Solana RPC and serves it via HTTP. There are CLI commands meant to run and test t

Louis Thiery 3 May 4, 2023
Examples of cw20 usage, extracted from cw-plus, maintained by the community

CosmWasm Tokens This is a collection of cw20-related contracts extracted from cw-plus. These serve as examples of what is possible to build and as sta

CosmWasm 59 Jan 2, 2023
NFT mixing program on solana chain

Mixture_machine Core logic of composing NFT Compose of NFT As you invoke compose_nft function with 2 or more child NFTs, child NFTs are locked in to M

Jay Soh 7 Dec 12, 2022
Demonstrates Solana data account versioning used in supporting the Solana Cookbook article: Account Data Versioning

versioning-solana This repo demonstrates ONE rudimentary way to upgrade/migrate account data changes with solana program changes. What is data version

Frank V. Castellucci 6 Sep 30, 2022
My attempt at learning Solana program (smart contract) development through RareSkill's Solana course.

60-days-of-solana My attempt at learning Solana program (smart contract) development through RareSkill's Solana course. Originally, I was trying to cr

Jasper 3 Feb 25, 2024
⬆ A program for deploying and upgrading programs.

DeployDAO Migrator WARNING: This code is a work in progress. Please do not use it as is. A program for deploying and upgrading programs. About The Mig

Deploy DAO 28 May 28, 2022
A template for command-line Rust programs

This is a template for command-line Rust programs. Clone and run the rename script with both a lowercase and UpperCase name. In the dev profile, depen

ludios 2 Oct 3, 2022
Simple shared types for multi-threaded Rust programs

Keep Calm (and call Clone) Simple shared types for multi-threaded Rust programs: keepcalm gives you permission to simplify your synchronization code i

Matt Mastracci 5 Mar 6, 2023
Cross-chain hub for Crypto Asset on Polkadot

ChainX ChainX is a community-driven project built on the next-generation blockchain framework substrate, the largest Layer-2 network of Bitcoin using

ChainX 261 Dec 28, 2022
Official implementation of the YeeCo Root Chain (Layer 1)

yeeroot Official implementation of the YeeCo Root Chain (Layer 1) YeeCo is a permissionless, secure, high performance and scalable public blockchain p

YeeCo 29 Sep 20, 2022